(57) Abstract:

PROBLEM TO BE SOLVED: To exclude illegal access by identifying legal access with a
small amount of calculation in single sign-on type authentication, which permits
multiple accesses after a single user authentication.
SOLUTION: Secrecy information 4 is shared by a client means 1 and an
authentication server means 2. The authentication server means 2 issues an
authentication ticket 5 including collation information obtained by performing an
irreversible arithmetic operation (f) on the secrecy information 4 (n) times. The client
means 1 presents this authentication ticket, together with presentation information
obtained by performing the irreversible arithmetic operation (f) on the secrecy
information 4 (n-k) times, to a permission server means 3. The permission server
means 3 performs the irreversible arithmetic operation (f) on the presented
information (k) times, and checks whether or not the result matches the collation
information. In this case, (k) is increased from 1 to (n), so that the authentication
ticket 5 can be used for a maximum of (n) accesses without calculating the next
presented information from the past presented information.
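
The ticket scheme of the abstract, as an added example that is not part of the patent text: the permission server accepts the k-th presentation only if applying f to it k times reproduces the collation information, so a replayed earlier presentation fails. Assumptions of this example: f is SHA-256, the ticket authenticator is an HMAC under a key shared by the two servers, the permission server keeps the use count, and all class and function names are hypothetical.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass


def f(x: bytes) -> bytes:
    """The irreversible operation f (SHA-256 is an assumption of this example)."""
    return hashlib.sha256(x).digest()


def iterate(x: bytes, times: int) -> bytes:
    """Apply f to x the given number of times (0 returns x unchanged)."""
    for _ in range(times):
        x = f(x)
    return x


@dataclass(frozen=True)
class Ticket:
    ticket_id: bytes   # 16 random bytes
    collation: bytes   # f applied n times to the shared secret
    n: int             # number of permitted uses
    mac: bytes         # authenticator over the three fields above


def ticket_mac(key: bytes, ticket_id: bytes, collation: bytes, n: int) -> bytes:
    # Fixed-width fields (16 + 32 + 4 bytes) make the concatenation unambiguous.
    body = ticket_id + collation + n.to_bytes(4, "big")
    return hmac.new(key, body, hashlib.sha256).digest()


class AuthServer:
    def __init__(self, server_key: bytes):
        self.server_key = server_key

    def issue(self, secret: bytes, n: int) -> Ticket:
        if n < 1:
            raise ValueError("n must be a positive integer")
        ticket_id = secrets.token_bytes(16)
        collation = iterate(secret, n)
        mac = ticket_mac(self.server_key, ticket_id, collation, n)
        return Ticket(ticket_id, collation, n, mac)


class Client:
    def __init__(self, secret: bytes):
        self.secret = secret

    def present(self, ticket: Ticket, k: int) -> bytes:
        """Presentation information for the k-th use: f applied n-k times."""
        if not 1 <= k <= ticket.n:
            raise ValueError("k must satisfy 1 <= k <= n")
        return iterate(self.secret, ticket.n - k)


class PermissionServer:
    def __init__(self, server_key: bytes):
        self.server_key = server_key
        self.used = {}  # ticket_id -> number of uses approved so far

    def approve(self, ticket: Ticket, presented: bytes) -> bool:
        expected = ticket_mac(self.server_key, ticket.ticket_id,
                              ticket.collation, ticket.n)
        if not hmac.compare_digest(expected, ticket.mac):
            return False                      # ticket fields were altered
        k = self.used.get(ticket.ticket_id, 0) + 1
        if k > ticket.n:
            return False                      # all n uses consumed
        # Apply f k times to the presented value and compare with the ticket.
        if not hmac.compare_digest(iterate(presented, k), ticket.collation):
            return False                      # wrong or replayed presentation
        self.used[ticket.ticket_id] = k       # count only successful uses
        return True


def demo() -> list:
    server_key = b"constructed-inter-server-key"   # constructed sample value
    secret = b"constructed-shared-secret"          # constructed sample value
    auth, client = AuthServer(server_key), Client(secret)
    perm = PermissionServer(server_key)
    ticket = auth.issue(secret, n=3)

    p1 = client.present(ticket, 1)
    results = [
        perm.approve(ticket, p1),                          # first use
        perm.approve(ticket, p1),                          # replay of use 1
        perm.approve(ticket, client.present(ticket, 2)),   # second use
        perm.approve(ticket, client.present(ticket, 3)),   # third and last use
        perm.approve(ticket, client.present(ticket, 3)),   # ticket exhausted
    ]
    # Raising n without the server key invalidates the authenticator.
    forged = Ticket(ticket.ticket_id, ticket.collation, 10, ticket.mac)
    results.append(PermissionServer(server_key).approve(forged, p1))
    return results


if __name__ == "__main__":
    print(demo())
```

At k = n the presented value is the shared secret itself, which is why the ticket is exhausted after n uses.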



CLAIMS 



[Claim(s)] 

[Claim 1] An authentication server means to publish an authentication ticket.

An approval server means to which use of an authentication ticket is approved, and a
client means which requires an authentication ticket of said authentication server
means, and requires use approval of an authentication ticket of said approval server
means.

A client means which it is the authentication system provided with the above, and the
number of times of effective holds an authentication ticket which is n (n is a positive
integer), shows this, and asks for use approval, Provide an approval server means to
which presentation information is required of said client means in response, it
compares with said authentication ticket, and use is approved, and said authentication
ticket, Including a ticket identifier, collation information, and the number of times of
effective, he is given by attestation child and said collation information, Predetermined
irreversible arithmetic operation is performed to confidential information which said
authentication server means and said client means share n times, Said presentation
information in case a use count of said authentication ticket is k (k is a positive
integer below n) performs said predetermined irreversible arithmetic operation to said
confidential information n-k times.

[Claim 2] The authentication system according to claim 1 wherein said authentication
server means manages user authentication information, performs a user authentication
procedure between said client means and publishes said authentication ticket.

[Claim 3] In a user authentication procedure, generate a random number, and said
authentication server means shows this, requires attestation presentation information
of said client means, and it said confidential information, The authentication system
according to claim 2, wherein it performs said predetermined irreversible arithmetic
operation to connection by said user authentication information and said random
numbers once or more and said attestation presentation information performs said
predetermined irreversible arithmetic operation to said confidential information n
times.

[Claim 4] Said authentication server means generates a random number in a user
authentication procedure, shows this, and requires attestation presentation information
of a client means, Said attestation presentation information is an
EXCLUSIVE-OR-operation result of what performed said predetermined irreversible
arithmetic operation to connection by said user authentication information and said
random numbers once or more, and a random number for attestation which said client
means generated, The authentication system according to claim 2, wherein said
confidential information is said random number for attestation counted backward from
said attestation presentation information.

[Claim 5] The authentication system according to any one of claims 2 to 4, wherein said
user authentication information is a password entered by user.

[Claim 6] The authentication system according to any one of claims 2 to 4, wherein said
user authentication information is the common key system encryption key held in
secrecy.

[Claim 7] The authentication system according to any one of claims 1 to 6, wherein said
attestation child is a message authorization code.

[Claim 8] The authentication system according to any one of claims 1 to 6, wherein said
attestation child is a digital signature.

[Claim 9] The authentication system according to any one of claims 1 to 8, wherein said
predetermined irreversible arithmetic operation is tropism hash operation on the other
hand.

[Claim 10] The authentication system according to any one of claims 1 to 9, wherein
said authentication ticket contains a server identifier.

[Claim 11] The authentication system according to any one of claims 1 to 10, wherein
said authentication ticket includes the time of the date of issue.

[Claim 12] Said authentication ticket including a publisher identifier said approval
server means, While carrying out use approval, collation information of said
authentication ticket, the number of times of effective, the time of the date of issue, a
publisher identifier, and an attestation child are updated, The authentication system
according to claim 11 wherein said collation information is updated by what performed
said predetermined irreversible arithmetic operation to said confidential information
n-k times and said number of times of effective is updated by n-k.

[Claim 13] The authentication system according to any one of claims 1 to 12, wherein
said approval server means has managed a use count of said authentication
ticket, shows this and requires presentation information.

[Claim 14] The authentication system according to any one of claims 1 to 12, wherein
said client means has managed a use count of said authentication ticket, shows this
with said authentication ticket and asks for use approval.

[Claim 15] It has said two or more approval server means and an authentication ticket
management tool which manages a use count of said authentication ticket, and said
client means has managed a use count of said authentication ticket, with said
authentication ticket, it shows this and asks for use approval.

Said authentication server means points to shelf registration of said authentication
ticket to said authentication ticket management tool while publishing said
authentication ticket, and said approval server means, The authentication system
according to any one of claims 1 to 11 not carrying out use approval when it points to
renewal of a history of said authentication ticket to said authentication ticket
management tool in response to presentation of said authentication ticket and a
rejected note is received from said authentication ticket management tool.

[Claim 16] Two or more preparations and said client means have managed a use count
of said authentication ticket for said approval server means, and with said
authentication ticket, this is shown and it asks for use approval.
Memorize said authentication server means while it publishes said authentication
ticket, and an issuance history said approval server means, Memorize an update
history, while updating said authentication ticket, and it refers for a history of said
authentication ticket to said authentication server means which a publisher identifier
of said authentication ticket shows in response to presentation of said authentication
ticket, or said approval server means, The authentication system according to claim 12
not carrying out use approval when a rejected note is received from said
authentication server means or said approval server means.

[Claim 17] Said approval server means generates a random number in a use approval
procedure, shows this, and requires presentation information.
The authentication system according to any one of claims 14 to 16, wherein said
presentation information in case a use count of said authentication ticket is k is an
EXCLUSIVE-OR-operation result of what performed said predetermined irreversible
arithmetic operation to said confidential information n-k times, and said random
number.

[Claim 18] An authentication server means to publish an authentication ticket, and an
approval server means, to which use of an authentication ticket is approved, In an
authentication system provided with a client means which requires an authentication
ticket of said authentication server means, and requires use approval of an
authentication ticket of said approval server means, An input means from which said
client means obtains an input of the number of times of effective of a
user-identification child, user authentication information, a server identifier, and an
authentication ticket, Ticket holding mechanism which obtains and holds an
authentication ticket from said authentication server means, and is shown to said
approval server means, A processing selecting means which acquires existence
information on an authentication ticket and chooses processing from said ticket
holding mechanism, A hash means to obtain a random number and to perform hash
operation to these connection from said authentication server means while acquiring
user authentication information from said input means, A secret memory measure
which memorizes in secrecy a hash value obtained from said hash means, Take out a
hash value from said secret memory measure, and the number of times n of effective
(n is a positive integer) is obtained from said input means in a user authentication
procedure, Send a multi stage hash value which performed and obtained hash operation
of n stage to said authentication server means, and the using frequency k (k is a
positive integer below n) is obtained from said approval server means in a use
approval procedure, An authentication information storage means which possessed a
multi stage hash means to send a multi stage hash value which performed and
obtained hash operation of a n-k stage to said approval server means and in which
user authentication information was accumulated for said authentication server
means, The 2nd multi stage hash means that performs n+1 step of hash operation to
connection by random number generating means which generates a random number
and is sent to said client means, and user authentication information acquired from said
authentication information storage means and a random number generated by said
random number generating means, An attestation collation means compared with a
multi stage hash value which obtained a multi stage hash value obtained from said
client means by said 2nd multi stage hash means, a ticket identifier creating means
which generates an effective ticket identifier, and attestation which clocks time and
outputs time information — a time check — with a means. A ticket identifier obtained
from said ticket identifier creating means, a multi stage hash value obtained from said
attestation collation means, a server identifier obtained from said client means and the
number of times of effective, and said attestation — a time check — a time stamp
based on time information acquired from a means. And add an attestation child to
connection of a publisher identifier which shows an authentication server
means, provide an attestation child addition means sent to said client means as an
authentication ticket, and said approval server means, An attestation child verifying
means which verifies an attestation child of an authentication ticket who got from
said client means, approval which clocks time and outputs time information — a time
check — a means, the validity of a server identifier and a time stamp, and said approval
— a time check — with a ticket effective judging means which checks the validity of
a difference with time information acquired from a means. A ticket use management
tool which remains with a ticket identifier of an authentication ticket, and using
frequency, and manages the number of times of available, The 3rd multi stage hash
means that outputs a secondary multi stage hash value which performed and obtained
hash operation of k stage from said ticket use management tool to a multi stage hash
value which obtained the using frequency k and was obtained from said client
means, An authentication system possessing an approval collation means which
compares a multi stage hash value obtained from said ticket use management tool, and
a secondary multi stage hash value obtained from said 3rd multi stage hash means.

[Claim 19] A server common key memory measure said attestation child addition
means remembers a common key system encryption key shared between servers to
be, Data connecting mechanism which connects a self-identifier storage means which
memorizes a self-identifier, and a ticket identifier, a multi stage hash value, the number
of times of effective, a time stamp, a server identifier and a publisher identifier obtained
from said self-identifier storage means, A connection data hash means to perform hash
operation to connection data obtained from said data connecting mechanism, A
common key system cryptographer stage which enciphers a hash value obtained from
said connection data hash means using a common key system encryption key
obtained from said server common key memory measure, and is made into an
attestation child, Attestation child connecting mechanism which connects connection
data obtained from said data connecting mechanism and an attestation child who got
from said common key system cryptographer stage is provided, The 2nd server
common key memory measure that memorizes a common key system encryption key
which said attestation child verifying means shares between servers, Attestation child
separating mechanism which divides an authentication ticket into connection data and
an attestation child, and a data separation means which divides into a ticket identifier, a
multi stage hash value, the number of times of effective, a time stamp, a server
identifier, and a publisher identifier connection data obtained from said attestation child
separating mechanism, The 2nd connection data hash means that performs hash
operation to connection data obtained from said attestation child separating
mechanism, The 2nd common key system cryptographer stage that enciphers a hash
value obtained from said 2nd connection data hash means using a common key
system encryption key obtained from said 2nd server common key memory
measure, and is made into an attestation child for comparison, A publisher identifier
collation means which confirms that a publisher identifier obtained from said data
separation means is an effective server identifier, The authentication system
possessing a comparison means to compare an attestation child for comparison who
got from said 2nd common key system cryptographer stage with an attestation child
who got from said attestation child separating mechanism when a collated result
obtained from said publisher identifier collation means showed validity, and to output a
result according to claim 18.

[Claim 20] A self-secret key memory measure said attestation child addition means
remembers a public key system code secret key of an authentication server to be in
secrecy, Data connecting mechanism which connects a self-identifier storage means
which memorizes a self-identifier, and a ticket identifier, a multi stage hash value, the
number of times of effective, a time stamp, a server identifier and a publisher identifier
obtained from said self-identifier storage means, A connection data hash means to
perform hash operation to connection data obtained from said data connecting
mechanism, A public key system cryptographer stage which enciphers a hash value
obtained from said connection data hash means using a public key system code
secret key obtained from said self-secret key memory measure, and is made into an
attestation child, Attestation child separating mechanism which possesses attestation
child connecting mechanism which connects connection data obtained from said data
connecting mechanism, and an attestation child who got from said public key system
cryptographer stage and from which said attestation child verifying means separates
an authentication ticket into connection data and an attestation child, A data
separation means which separates into a ticket identifier, a multi stage hash value, the
number of times of effective, a time stamp, a server identifier, and a publisher
identifier, and outputs connection data obtained from said attestation child separating
mechanism, and the 2nd connection data hash means that performs hash operation to
connection data obtained from said attestation child separating mechanism, A server
public key accumulation means which outputs a public key system code public key
corresponding to a publisher identifier which a public key system code public key of
an effective server was accumulated, and was obtained from said data separation
means, A public key system decoding means which decodes an attestation child who
got from said attestation child separating mechanism using a public key system code
public key obtained from said server public key accumulation means, and is made into a
hash value for comparison, The authentication system possessing a comparison means
to compare a hash value obtained from said connection data hash means with a hash
value for comparison obtained from said public key system decoding means, and to
output a result according to claim 18.

[Claim 21] Said client means possesses an authentication random number creating
means and the 1st exclusive OR means, and them said random number generating
means for attestation, In a user authentication procedure, generate a random number for
attestation, and said 1st exclusive OR means, A disturbance hash value which obtained
by performing EXCLUSIVE OR operation of a random number for attestation obtained
from said random number generating means for attestation in a user authentication
procedure and a hash value obtained from said hash means is sent to said
authentication server means, Memorize said secret memory measure in secrecy, and a
random number for attestation obtained from said random number generating means
for attestation said multi stage hash means, Take out a random number for attestation
from said secret memory measure, and the using frequency k is obtained from said
approval server means in a use approval procedure, A multi stage hash value which
performed and obtained hash operation of a n-k stage is sent to said approval server
means, Said authentication server means possesses the 2nd hash means and 2nd
exclusive OR means instead of said attestation collation means, and them said 2nd
hash means, Perform hash operation to connection by user authentication information
acquired from said authentication information storage means, and random numbers
generated by said random number generating means, and said 2nd exclusive OR
means, Perform EXCLUSIVE OR operation of a hash value obtained from said 2nd hash
means, and a disturbance hash value obtained from said client means, and a random
number for attestation is acquired, Perform said 2nd multi stage hash means by
random numbers for attestation obtained from said 2nd exclusive OR means, and hash
operation of n stage said attestation child addition means, A ticket identifier obtained
from said ticket identifier creating means, a multi stage hash value obtained from said
2nd multi stage hash means, a server identifier obtained from said client means and the
number of times of effective, and said attestation — a time check — a time stamp
based on time information acquired from a means. And the authentication system
according to any one of claims 18 to 20 adding an attestation child to connection of a
publisher identifier which shows an authentication server means, and sending to said
client means as an authentication ticket.



[Claim 22] Said approval server means possesses the 3rd hash means and the 2nd
attestation child addition means instead of said 3rd multi stage hash means, and them
said 3rd hash means, Output a secondary multi stage hash value which performed and
obtained hash operation to a multi stage hash value obtained from said client
means, and said approval collation means, Compare a multi stage hash value obtained
from said ticket use management tool, and a secondary multi stage hash value obtained
from said 3rd hash means, and said 2nd attestation child addition means, A ticket
identifier, server identifier, and the remaining using frequency which were obtained
from said ticket use management tool, a multi stage hash value obtained from said
client means, and said approval — a time check — a time stamp based on time
information acquired from a means. And the authentication system according to any
one of claims 18 to 21 adding an attestation child to connection of a publisher
identifier which shows an approval server means, and sending to said client means as
an authentication ticket.

[Claim 23] Have the following and said ticket update indication means, Generate
authentication ticket history update indication from a ticket identifier and a server
identifier which were obtained from said attestation child verifying means when a
decision result obtained from said ticket effective judging means showed validity, and
using frequency obtained from said client means, and it sends to said authentication
ticket management tool, The using frequency k obtained from said client means when
an authentication ticket rejected note was not returned from said authentication
ticket management tool, and a multi stage hash value obtained from said attestation
child verifying means are outputted, Generate a random number, send said 2nd random
number generating means to said client means and said 2nd exclusive OR means, and
said 2nd exclusive OR means, Perform EXCLUSIVE OR operation of a random number
obtained from said 2nd random number generating means, and a disturbance multi
stage hash value obtained from said client means, and a multi stage hash value is
acquired, Said 3rd multi stage hash means outputs a secondary multi stage hash value
which performed and obtained hash operation of k stage to a multi stage hash value
obtained from said 2nd exclusive OR means, Said authentication ticket management
tool remains with a ticket identifier and the number of times of effective based on
authentication ticket shelf registration directions obtained from said authentication
server means, and a group with using frequency is managed, The authentication system
according to any one of claims 18 to 21 which checks compatibility with
authentication ticket history update indication obtained from said approval server
means, and is characterized by sending an authentication ticket rejected note to said
approval server means in the case of mismatching.
One or more approval server means.

An authentication ticket management tool which manages issue of an authentication
ticket and Assessment on Search Report by Designated Searching Authority is
provided, Said authentication ticket management tool remains with a ticket identifier
and the number of times of effective based on authentication ticket shelf registration
directions obtained from said authentication server means, and a group with using
frequency is managed, Compatibility with authentication ticket history update indication
obtained from said approval server means is checked, In the case of mismatching, send
an authentication ticket rejected note at said approval server means, and said
authentication server means possesses a ticket registration instruction means, and it
said ticket registration instruction means, A ticket maintenance management tool
which generates authentication ticket shelf registration directions from a ticket
identifier obtained from said ticket identifier creating means, a server identifier
obtained from said client means, and the number of times of effective, and is sent to
said authentication ticket management tool, and said client means replaces with said
ticket holding mechanism.

Provide the 1st exclusive OR means and said ticket maintenance management
tool, Manage using frequency, while obtaining and holding an authentication ticket from
said authentication server means, show them to said approval server means, and said
multi stage hash means, Take out a hash value from said secret memory measure, and a
multi stage hash value which performed and obtained hash operation of n stage in a
user authentication procedure is sent to said authentication server means, The using
frequency k obtained from said ticket maintenance management tool in a use approval
procedure is obtained, Send a multi stage hash value which performed and obtained
hash operation of a n-k stage to said 1st exclusive OR means, and said 1st exclusive
OR means, A ticket update indication means which performs EXCLUSIVE OR operation
of a multi stage hash value obtained from said multi stage hash means, and a random
number obtained from said approval server means, and sends a disturbance multi stage
hash value of a result to said approval server means, and said approval server means
replaces with a ticket use management tool.

The 2nd random number generating means and the 2nd exclusive OR means.

[Claim 24] Have the following and said renewal management tool of a ticket generates
ticket use reference from a ticket identifier and a server identifier which were
obtained from said attestation child verifying means when a decision result obtained
from said ticket effective judging means showed validity, and using frequency obtained
from said client means, It sends to said authentication server means or the 2nd
approval server means which a publisher identifier shows, When an authentication
ticket rejected note is not returned from said authentication server means or said 2nd
approval server means, while outputting using frequency obtained from said client
means, and a multi stage hash value obtained from said attestation child verifying
means, When a ticket identifier, a server identifier, and the remaining using frequency are
managed and ticket use reference is received from said 2nd approval server means, the
compatibility of using frequency is checked, In the case of mismatching, send an
authentication ticket rejected note to said 2nd approval server means, and said 2nd
random number generating means, Generate a random number, send to said client
means and said 2nd exclusive OR means, and said 2nd exclusive OR means, Perform
EXCLUSIVE OR operation of a random number obtained from said 2nd random
number generating means, and a disturbance multi stage hash value obtained from said
client means, acquire a multi stage hash value, and said 2nd hash means. Output a
secondary multi stage hash value which performed and obtained hash operation to a
multi stage hash value obtained from said 2nd exclusive OR means, and said 2nd
attestation child addition means, A ticket identifier, a server identifier, and the remaining
using frequency which were obtained from said ticket management means, a multi
stage hash value obtained from said 2nd exclusive OR means, and said approval — a
time check — a time stamp based on time information acquired from a means. And
the authentication system according to claim 22 which adds an attestation child to
connection of a publisher identifier which shows an approval server means, and is
characterized by sending to said client means as an authentication ticket.
Provide one or more approval server means, and said authentication server means
possesses a ticket issue management tool, and it said ticket issue management tool, A
ticket identifier obtained from said ticket identifier creating means, a server identifier
obtained from said client means, and the number of times of effective are managed, A
ticket maintenance management tool which searches a ticket identifier based on
ticket use reference obtained from said approval server means, checks the
compatibility of using frequency, and sends an authentication ticket rejected note at
said approval server means in the case of mismatching, and said client means replaces
with said ticket holding mechanism.

Provide the 1st exclusive OR means and said ticket maintenance management
tool, Manage using frequency, while obtaining and holding an authentication ticket from
said authentication server means, show them to said approval server means, and said
multi stage hash means, Take out a hash value from said secret memory measure, and a
multi stage hash value which performed and obtained hash operation of n stage in a
user authentication procedure is sent to said authentication server means, The using
frequency k obtained from said ticket maintenance management tool in a use approval
procedure is obtained, Send a multi stage hash value which performed and obtained
hash operation of a n-k stage to said 1st exclusive OR means, and said 1st exclusive
OR means, A renewal management tool of a ticket which performs EXCLUSIVE OR
operation of a multi stage hash value obtained from said multi stage hash means, and a
random number obtained from said approval server means, and sends a disturbance
multi stage hash value of a result to said approval server means, and said approval
server means replaces with said ticket use management tool.
The 2nd random number generating means and 2nd exclusive OR means.

[Claim 25] An authentication server means to publish an authentication ticket.
An approval server means to which use of an authentication ticket is approved.
A client means which requires an authentication ticket of said authentication server
means, and requires use approval of an authentication ticket of said approval server
means.

Are the above the authentication method which it had and from an authentication
server means to a client means. Include predetermined irreversible arithmetic
operation for n (n is positive integer) time almsgiving ********** in confidential
information which an authentication server means and a client means share. The
number of times of effective publishes an authentication ticket which is n, and it a
client means, Said authentication ticket is shown in an approval server means, ask for
use approval, and to a demand of presentation information on an approval server
means a client means, When a use count of said authentication ticket is k (k is a
positive integer below n), The result of an operation which performed said
predetermined irreversible arithmetic operation to said confidential information n-k
times is shown as said presentation information, an approval server means performs
said predetermined irreversible arithmetic operation to said presentation information k
times, and coincidence with the result of an operation and said collation information is
identified.

[Claim 26] An authentication server means to publish an authentication ticket.
An approval server means to which use of an authentication ticket is approved.
A client means which requires an authentication ticket of said authentication server
means, and requires use approval of an authentication ticket of said approval server
means.

Are the above the authentication method which it had and from an authentication
server means to a client means. Include predetermined irreversible arithmetic
operation for n (n is positive integer) time almsgiving ********** in confidential
information which an authentication server means and a client means share. The
number of times of effective publishes an authentication ticket which is n, and it a
client means, Said authentication ticket is shown in an approval server means, ask for
use approval, and to a demand of presentation information on an approval server
means a client means, When a use count of said authentication ticket is k (k is a
positive integer below n), Show the result of an operation which performed said
predetermined irreversible arithmetic operation to said confidential information n-k
times as said presentation information, and an approval server means, While performing
said predetermined irreversible arithmetic operation to said presentation information
once and identifying coincidence with the result of an operation and said collation
information, collation information included in said authentication ticket is updated to
the result of an operation which performed said predetermined irreversible arithmetic
operation to said confidential information n-k times.

[Claim 27] The authentication method according to claim 25 or 26, wherein said
authentication server means shows a random number to a client means which requests an
authentication ticket and requests attestation presentation information; the client
means shows as said attestation presentation information the result of applying said
predetermined irreversible arithmetic operation n+1 times to the concatenation of user
authentication information and said random number; and the authentication server means
applies said predetermined irreversible arithmetic operation n+1 times to the
concatenation of the user authentication information it currently holds and said random
number, and, if the result is confirmed to match said attestation presentation
information, takes as said confidential information the result of applying said
predetermined irreversible arithmetic operation once to the concatenation of said user
authentication information and said random number, and issues an authentication ticket
which includes collation information obtained by applying the predetermined
irreversible arithmetic operation to it n times (n is a positive integer).

[Claim 28] The authentication method according to claim 25 or 26, wherein said
authentication server means shows a random number to a client means which requests an
authentication ticket and requests attestation presentation information; the client
means shows as said attestation presentation information the exclusive-OR of the result
of applying said predetermined irreversible arithmetic operation one or more times to
the concatenation of user authentication information and said random number, and a
random number for attestation which the client means generated; and the authentication
server means recovers said random number for attestation from said attestation
presentation information using the user authentication information it currently holds
and said random number, takes said random number for attestation as said confidential
information, and issues an authentication ticket which includes collation information
obtained by applying the predetermined irreversible arithmetic operation to it n times
(n is a positive integer).

[Claim 29] A recording medium for an authentication processing program, which records,
in a form readable by an electronic computer, a processing program of the
authentication method performed by the authentication system according to any one of
claims 1 to 24, or of the authentication method according to any one of claims 25 to 28.



DETAILED DESCRIPTION 



[Detailed Description of the Invention] 
[0001] 

[Field of the Invention] This invention relates to a single sign-on type authentication
method and authentication system which permit multiple accesses with a single process
of judging the validity of a client apparatus accessing a server apparatus, and in
particular to ones which make cipher processing in the client apparatus unnecessary so
that even a device with low computation capability can perform the processing.
[0002] 

[Description of the Prior Art] In recent years, with the development of digital
communication technology, server-client type systems comprising a server apparatus and
client apparatuses connected via a network have become common. In such a server-client
type system, it is important to check that a client apparatus and its user have the
legitimate authority to access the server apparatus, so that unauthorized access is not
performed. Password input is well known as an authentication method for checking this
access permission. While asking for password input on every access is safe, it is
inconvenient for the user, so single sign-on type authentication methods, which improve
convenience, have come to be used. As such a single sign-on type authentication method,
TTP (Trusted Third-party Protocol), used by the Kerberos authentication system, is
generally known, for example.

[0003] A conventional single sign-on type authentication method is explained below with
reference to the drawings. Drawing 23 is a conceptual diagram showing the outline of a
conventional single sign-on type authentication method, and drawing 24 is a protocol
sequence diagram showing its protocol. In drawing 23 and drawing 24, 81 is a client
means which has a user interface, 82 is an authentication server means which performs
user authentication, and 83 is an approval server means which judges access permission
and performs use approval.

[0004] In the user authentication procedure between the client means 81 and the
authentication server means 82, the client means 81 sends to the authentication server
means 82 an authentication request Authenticate Request 801, which consists of the user
identifier UID entered via the user interface and the server identifier SID, as
attestation presentation information. In response, the authentication server means 82
returns an authentication reply Authorize Request 802, accompanied by the session key SK
encrypted with the password PW as the key, together with an authentication ticket
Ticket 803.

[0005] In the use approval procedure between the client means 81 and the approval
server means 83, the client means 81 sends to the approval server means 83 an approval
request Authorize Request 804, which consists of the user identifier UID and the time
stamp TSk encrypted with the session key SK, as presentation information, together with
an authentication ticket Ticket 805. In response, the approval server means 83 verifies
the presentation information in the authentication request Authorize Request 804 and
the authentication ticket Ticket 805, and if it finds them valid, it returns a notice of
approval Result 806.

[0006] The configuration of the conventional single sign-on type authentication method
with the above protocol sequence is explained below with reference to drawing 25.
Drawing 25 is a functional block diagram showing the configuration of a conventional
single sign-on type authentication method. In drawing 25 as well, 81 is a client means
which has a user interface, 82 is an authentication server means which performs user
authentication, and 83 is an approval server means which judges access permission and
performs use approval.

[0007] The client means 81 comprises the 1st transmission and reception means 311 which
transmits and receives data, the input means 811 which obtains input from the user, the
session key decoding means 812 which decrypts the received session key, the ticket
holding mechanism 314 which holds the received authentication ticket, the processing
selecting means 315 which chooses processing according to the holding state of an
authentication ticket, the secret storage means 316 which stores the decrypted session
key in secrecy, the proof clock means 813 which keeps time, and the certification
information encryption means 814 which encrypts attested certification information
using a session key.

[0008] The authentication server means 82 comprises the 2nd transmission and reception
means 321 which transmits and receives data, the attestation clock means 322 which
keeps time, the authentication information storage means 323 in which user
authentication information such as passwords is stored, the session key creating means
821 which generates an encryption key for every user authentication process, the
session key encryption means 822 which encrypts a session key using a password, and the
ticket encryption means 823 which encrypts an authentication ticket using a session key.
[0009] The approval server means 83 comprises the 3rd transmission and reception means
331 which transmits and receives data, the approval clock means 332 which keeps time,
the ticket decoding means 831 which decrypts an authentication ticket, the ticket
validity judging means 832 which judges the validity of an authentication ticket, the
certification information decoding means 833 which decrypts attested certification
information, the certification information validity judging means 834 which judges the
validity of attested certification information, and the approval collation means 835
which compares and collates the contents of the authentication ticket with the contents
of the attested certification information.

[0010] The operation of the conventional single sign-on type authentication method
constituted as mentioned above is explained below with reference to drawing 26. First,
in the client means 81, the user identifier UID which identifies the user, the password
PW for user authentication registered beforehand in the authentication server means 82,
and the server identifier SID of the target from which use approval is to be obtained
are input to the input means 811 as the user input 800 (ST3101, ST8101). The input
means 811 holds the user input 800 temporarily, takes out the server identifier 3101,
and sends it to the ticket holding mechanism 314. The ticket holding mechanism 314
searches for the authentication ticket data corresponding to the server identifier 3101
(ST3102), and sends the notice 3102 of search results to the processing selecting means
315. When the notice 3102 of search results indicates that no ticket is held, the
processing selecting means 315 sends the user authentication processing starting
information 8101 to said input means 811; when it indicates that a ticket is held, it
sends the use approval procedure starting information 8102 to said ticket holding
mechanism 314, the secret storage means 316, and the certification information
encryption means 814 (ST3103).

[0011] If the user authentication starting information 8101 is given, said input means
811 sends the pair 8103 of the user identifier and server identifier taken out of the
temporarily held user input 800 to the authentication server means 82 as the
authentication request Authenticate Request 801 via the 1st transmission and reception
means 311 (ST8102), sends the user identifier 8104 to the certification information
encryption means 814, and sends the password 8105 to the session key decoding means 812.

[0012] In the authentication server means 82, the authentication request Authenticate
Request 801 is received by the 2nd transmission and reception means 321. The extracted
user identifier 8201 is sent to the authentication information storage means 323 and
the ticket encryption means 823, and the server identifier 8202 is sent to the ticket
encryption means 823 (ST8201). The authentication information storage means 323
searches for the password corresponding to the user identifier 8201 (ST8202); if one
exists, it sends the password 8203 to the session key encryption means 822, and it
sends the notice 8204 of search results to the session key creating means 821 and the
session key encryption means 822 (ST8203). When the notice 8204 of search results
indicates that a password exists, the session key creating means 821 newly generates
the random session key 8205 and sends it to the session key encryption means 822 and
the ticket encryption means 823 (ST8204). When the notice 8204 of search results
indicates that a password exists, the session key encryption means 822 generates the
encrypted session key 8206 by encrypting the session key 8205 using the password 8203
(ST8205), and this is sent to the client means 81 as the authentication reply
Authenticate Response 802 via the 2nd transmission and reception means 321 (ST8207).
The attestation clock means 322 keeps the current time, and the time stamp 3212 based
on the current time is supplied to the ticket encryption means 823. Using the server
common key which it holds internally and which corresponds to the server identifier
8202, the ticket encryption means 823 generates the authentication ticket data 8207 by
encrypting the user identifier 8201, the server identifier 8202, the time stamp 3212,
and the session key 8205 (ST8202, ST8206), and this is sent to the client means 81 as
the authentication ticket Ticket 803 via the 2nd transmission and reception means 321
(ST8207).

[0013] In the client means 81, the authentication reply Authenticate Response 802 is
sent to the session key decoding means 812 as the encrypted session key 8106 via the
1st transmission and reception means 311, and the authentication ticket Ticket 803 is
sent to said ticket holding mechanism 314 as the authentication ticket data 8108 via
the 1st transmission and reception means 311 (ST8103). Said ticket holding mechanism
314 associates the authentication ticket data 8108 with the server identifier 3101 and
holds it (ST3112). The session key decoding means 812 decrypts the encrypted session
key 8106 using the password 8105 (ST8104). Therefore, only when the right password is
entered can the right session key be obtained. The session key 8107 obtained by the
session key decoding means 812 is sent to the secret storage means 316 and stored.

[0014] The secret storage means 316 stores the session key 8107 in secrecy, permitting
only predetermined access, and when the use approval procedure starting information
8102 is given, it sends the stored session key 8109 to the certification information
encryption means 814 (ST8105). The proof clock means 813 keeps the current time, and
the time stamp 8110 based on the current time is supplied to the certification
information encryption means 814. If the use approval procedure starting information
8102 is given, the certification information encryption means 814 generates the
attested certification information 8111 by encrypting the user identifier 8104 and the
time stamp 8110 using the session key 8109 (ST8106), and this is sent to the approval
server means 83 as the approval request Authorize Request 804 via the 1st transmission
and reception means 311 (ST8107). If the use approval procedure starting information
8102 is given, said ticket holding mechanism 314 sends the held authentication ticket
data 8112 corresponding to the server identifier 3101 to the approval server means 83
as the authentication ticket Ticket 805 via the 1st transmission and reception means
311 (ST8107).

[0015] In the approval server means 83, the approval request Authorize Request 804 is
sent to the certification information decoding means 833 as the attested certification
information 8308 via the 3rd transmission and reception means 331, and the
authentication ticket Ticket 805 is sent to the ticket decoding means 831 as the
authentication ticket data 8301 via the 3rd transmission and reception means 331
(ST8301). The ticket decoding means 831 decrypts the authentication ticket data 8301
using its own server common key held internally, sends the obtained user identifier
8302, server identifier 3303, and time stamp 8304 to the ticket validity judging means
832, and sends the session key 8305 to the certification information decoding means 833
(ST8302). The approval clock means 332 keeps the current time, and the current time
information 8306 is supplied to the ticket validity judging means 832 and the
certification information validity judging means 834.
The ticket validity judging means 832 checks that the server identifier 8303 matches
its own server identifier held internally, and confirms that the difference between the
time stamp 8304 and the current time information 8306 is within the predetermined term
of validity; when all are true, it sends the user identifier 8302 to the approval
collation means 835 as the ticket user identifier 8307 (ST3306, ST3307). The user
identifier 8309 and the time stamp 8310, which the certification information decoding
means 833 produces by decrypting the attested certification information 8308 using the
session key 8305, are sent to the certification information validity judging means 834
(ST8303). Since the attested certification information was encrypted by the client
means using the session key, the right user identifier and time stamp are obtained here
only when the right session key was used by the client means. The certification
information validity judging means 834 confirms that the difference between the time
stamp 8310 and the current time information 8306 is within a predetermined time lag;
when this is true, it sends the user identifier 8309 to the approval collation means
835 as the proof user identifier 8311 (ST8304, ST8305). The approval collation means
835 checks that the ticket user identifier 8307 matches the proof user identifier 8311
(ST8306). If it does, the notice 8312 of approval is sent to the client means 81 as the
notice of approval Result 806 via the 3rd transmission and reception means 331 (ST8307,
ST3317), and it is received in the client means 81 (ST3118). When the match holds, the
user identifier and the time stamp have been obtained correctly. This shows that the
right session key was used by the client means, and since this in turn means that the
right password was entered, the user authentication result and the use approval result
correspond.
[0016] 

[Problem(s) to be Solved by the Invention] However, the above-mentioned conventional
configuration makes heavy use of cipher processing, which requires a large amount of
computation, and in particular the client side must perform cipher processing at every
use approval process. When the client side is a device with low computation capability,
such as a personal digital assistant or a smart phone, there was therefore the problem
that it is difficult to perform use approval processing within a practical processing
time.

[0017] Moreover, since the above-mentioned conventional configuration does not restrict
the use count of one authentication ticket but only provides a term of validity, there
was also the problem that, even if the encryption of an authentication ticket
intercepted by a third party were broken and unauthorized access were performed, it
would very likely go undiscovered.
[0018] This invention solves such conventional problems.

Its purpose is to provide a single sign-on type authentication method and
authentication system which need no cipher processing on the client side, which can
perform use approval processing within a practical processing time even on a device
with low computation capability, and which can easily manage the use count of an
authentication ticket.



[0019] 

[Means for Solving the Problem] To solve this problem, this invention first provides a
client means which holds an authentication ticket whose number of valid uses is n (n is
a positive integer), shows it, and asks for use approval, and an approval server means
which in response requests presentation information, compares it with said
authentication ticket, and grants use approval. Said authentication ticket includes a
ticket identifier, collation information, the number of valid uses, the date and time
of issue, and a server identifier, and is given an authenticator. Said collation
information is obtained by applying a predetermined irreversible arithmetic operation n
times to confidential information which the publisher of said authentication ticket and
said client means share. Said presentation information, when the use count of said
authentication ticket is k (k is a positive integer of n or less), is obtained by
applying said predetermined irreversible arithmetic operation to said confidential
information n-k times.
[0020] This yields a single sign-on type authentication method and authentication
system which need no cipher processing on the client side, can easily manage the use
count of an authentication ticket, and can eliminate double use.
[0021] Second, in the user authentication procedure, said authentication server means
generates a random number, shows it, and requests attestation presentation information
from the client means. Said confidential information is obtained by applying said
predetermined irreversible arithmetic operation one or more times to the concatenation
of said user authentication information and said random number, and said attestation
presentation information is obtained by applying said predetermined irreversible
arithmetic operation to said confidential information n times.
[0022] In addition to the above-mentioned effect, this yields a single sign-on type
authentication method and authentication system which need no cipher processing on the
client side in the user authentication procedure either, and in which the data
processing for attestation presentation information and the data processing for
presentation information can be shared.

[0023] Third, in the user authentication procedure, said authentication server means
generates a random number, shows it, and requests attestation presentation information
from the client means. Said attestation presentation information is the exclusive-OR of
the result of applying said predetermined irreversible arithmetic operation one or more
times to the concatenation of said user authentication information and said random
number, and a random number for attestation which the client means generated. Said
confidential information is said random number for attestation recovered from said
attestation presentation information.

[0024] In addition to the above-mentioned effect, since the collation information
included in an authentication ticket becomes unrelated to the user authentication
information, this yields a safer single sign-on type authentication method and
authentication system in which there is not even a possibility that the user
authentication information will be guessed from an authentication ticket.

[0025] Fourth, said predetermined irreversible arithmetic operation is a one-way hash
operation.

[0026] In addition to the above-mentioned effect, this yields a single sign-on type
authentication method and authentication system which can perform use approval
processing within a practical processing time even if the client side is a device with
low computation capability.

[0027] Fifth, said authentication ticket includes a publisher identifier, and said
approval server means, while granting use approval, updates the collation information,
the number of valid uses, the date and time of issue, the publisher identifier, and the
authenticator of said authentication ticket. Said collation information is updated to
the result of applying said predetermined irreversible arithmetic operation to said
confidential information n-k times, and said number of valid uses is updated to n-k.

[0028] In addition to the above-mentioned effect, since the authentication ticket is
updated whenever it is used, and in particular the time stamp is updated so that the
term of validity used in the validity judgment can be set shorter, this yields a single
sign-on type authentication method and authentication system which can make the
possibility of unauthorized use by a third party smaller and can further shorten the
response time of use approval.

[0029] Sixth, said client means manages the use count of said authentication ticket,
and shows it together with said authentication ticket when asking for use approval. A
plurality of said approval server means and an authentication ticket management tool
which manages the use count of said authentication ticket are provided. Said
authentication server means, while issuing said authentication ticket, instructs said
authentication ticket management tool to register said authentication ticket. Said
approval server means, in response to presentation of said authentication ticket,
instructs said authentication ticket management tool to update the history of said
authentication ticket, and does not grant use approval when a rejection notice is
received from said authentication ticket management tool.

[0030] In addition to the above-mentioned effect, in a system in which an
authentication ticket is not updated, it becomes possible to use one authentication
ticket in common for two or more approval servers, so a single sign-on type
authentication method and authentication system with higher convenience are obtained.

[0031] Seventh, said client means manages the use count of said authentication ticket,
and shows it together with said authentication ticket when asking for use approval. A
plurality of said approval server means are provided. Said authentication server means
stores an issuance history while issuing said authentication ticket, and said approval
server means stores an update history while updating said authentication ticket. In
response to presentation of said authentication ticket, said approval server means
queries the history of said authentication ticket with the authentication server means
or the approval server means which the publisher identifier of said authentication
ticket indicates, and does not grant use approval when a rejection notice is received
from said authentication server means or said approval server means.
[0032] In addition to the above-mentioned effect, in a system in which an
authentication ticket is updated, the use of authentication tickets can be managed in a
decentralized manner, so a single sign-on type authentication method and authentication
system which require fewer management resources are obtained.
[0033] 

[Embodiment of the Invention] Embodiments of the invention are explained below with
reference to the drawings.

[0034] (A 1st embodiment) As shown in drawing 1, the authentication system of a 1st
embodiment comprises the client means 1 with a user interface, an authentication server
means 2 which performs user authentication, and the approval server means 3 which
judges the access permission of the client means 1 and performs use approval. For the
client means 1, for example, a general purpose computer, a Personal Digital Assistant,
a smart phone, etc. can be used. For the authentication server means 2, for example, a
general purpose computer, a dedicated authentication server device, etc. can be used,
and for the approval server means 3, a general purpose computer, a dedicated approval
server apparatus, a dedicated information providing device, etc. can be used.

[0035] The client means 1 and the approval server means 3 are connected by a wired or
wireless communication network. The client means 1 and the authentication server means
2 need not necessarily be connected by a communication network, but they need to share
the confidential information 4. As this confidential information 4, for example, a
password, a common-key encryption key, or a value calculated from them is used.

[0036] The client means 1 holds the authentication ticket 5 used in the use approval
procedure. The authentication server means 2 issues this ticket to the client means 1.
The authentication server means 2 takes as collation information the result of applying
the irreversible arithmetic operation f to the confidential information 4 n times (n is
the number of valid uses of the authentication ticket), adds an authenticator to it,
and generates the authentication ticket 5. The authenticator is added to prevent
alteration of the authentication ticket and to prove its publisher; a message
authentication code, a digital signature, etc. can be used.
[0037] In the use approval procedure between the client means 1 and the approval
server means 3, the result of the client means 1 applying the irreversible arithmetic
operation f to the confidential information 4 n-k times (k is the use count of the
authentication ticket in the use approval procedure) is used as the presentation
information 6. As long as the irreversible arithmetic operation f has sufficiently safe
irreversibility, result length, and randomness, a third party who does not know the
confidential information 4 cannot calculate this presentation information 6, so
presenting it shows that the presenter is a valid user who knows the confidential
information 4. Because presentation information from further in the past has had the
irreversible arithmetic operation f applied more times, the next presentation
information cannot be calculated from this presentation information 6 either, so there
is no need for encryption.
[0038] The client means 1 sends this presentation information 6 to the approval server
means 3 together with the authentication ticket 7 it currently holds. In response, the
approval server means 3 verifies the authenticator which the authentication ticket 7
includes, and checks that the result of applying the irreversible arithmetic operation
f to the presentation information 6 k times matches the collation information which the
authentication ticket 7 includes; if it finds them valid, it returns the notice 8 of
approval.

[0039] By this method, the client means 1 can obtain use approval up to n times using
the authentication ticket 7, without revealing the confidential information 4 to any
third party, including the approval server means 3.

[0040] Thus, the authentication system of this embodiment is provided with the
following.

The client means which holds the authentication ticket whose number of valid uses is n
(n is a positive integer), shows it, and asks for use approval.
The approval server means which in response requests presentation information, compares
it with said authentication ticket, and grants use approval.

[0041] Besides the collation information, said authentication ticket can include
information such as a ticket identifier, the number of valid uses, the date and time of
issue, and a server identifier, and an authenticator is given to it. The collation
information is obtained by applying the predetermined irreversible arithmetic operation
n times to the confidential information which the publisher of the authentication
ticket and the client means share. Said presentation information is obtained by
applying the predetermined irreversible arithmetic operation to said confidential
information n-k times, when the use count of the authentication ticket is k (k is a
positive integer of n or less).

[0042] With such a configuration, a single sign-on type authentication method and
authentication system are obtained which need no cipher processing on the client side,
can easily manage the use count of an authentication ticket, and can eliminate double
use.
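
The issue and use-approval flow of the 1st embodiment, together with the ticket-updating
variant of paragraph [0027], as an added Python example (not code from the patent).
SHA-256 as the operation f, HMAC-SHA-256 as the ticket's authenticator (the "attestation
child" of the translated text), a MAC key shared by the authentication and approval
servers, and the replay bookkeeping inside the approval server are assumptions of this
example.

```python
import hashlib
import hmac
import time
from dataclasses import dataclass, replace
from typing import Optional


def f(x: bytes) -> bytes:
    """The irreversible operation f. SHA-256 is an assumption of this example."""
    return hashlib.sha256(x).digest()


def f_iter(x: bytes, times: int) -> bytes:
    """Apply f `times` times (zero times returns x unchanged)."""
    for _ in range(times):
        x = f(x)
    return x


@dataclass(frozen=True)
class Ticket:
    ticket_id: str
    collation: bytes   # collation information: f applied n times to the secret
    n: int             # number of valid uses
    issued_at: int     # date and time of issue
    server_id: str
    tag: bytes = b""   # authenticator over the other fields (HMAC assumed)


def seal(t: Ticket, mac_key: bytes) -> Ticket:
    """Attach the authenticator that protects the ticket against alteration."""
    body = repr((t.ticket_id, t.collation.hex(), t.n, t.issued_at, t.server_id)).encode()
    return replace(t, tag=hmac.new(mac_key, body, hashlib.sha256).digest())


def issue_ticket(secret: bytes, n: int, server_id: str, mac_key: bytes,
                 ticket_id: str) -> Ticket:
    """Authentication server: the collation information is f^n(secret)."""
    return seal(Ticket(ticket_id, f_iter(secret, n), n, int(time.time()), server_id),
                mac_key)


def presentation(secret: bytes, n: int, k: int) -> bytes:
    """Client: presentation information for the k-th use is f^(n-k)(secret)."""
    if not 1 <= k <= n:
        raise ValueError("use count k must satisfy 1 <= k <= n")
    return f_iter(secret, n - k)


class ApprovalServer:
    def __init__(self, server_id: str, mac_key: bytes):
        self.server_id = server_id
        self.mac_key = mac_key
        self.last_k = {}          # ticket_id -> highest use count already approved
        self.superseded = set()   # authenticators of tickets replaced by an update

    def _ticket_ok(self, t: Ticket) -> bool:
        return (hmac.compare_digest(seal(t, self.mac_key).tag, t.tag)
                and t.server_id == self.server_id
                and t.tag not in self.superseded)

    def approve(self, t: Ticket, k: int, shown: bytes) -> bool:
        """Fixed-ticket mode: apply f k times and compare with the collation value."""
        if not self._ticket_ok(t) or not 1 <= k <= t.n:
            return False
        if k <= self.last_k.get(t.ticket_id, 0):      # double use of the same k
            return False
        if not hmac.compare_digest(f_iter(shown, k), t.collation):
            return False
        self.last_k[t.ticket_id] = k
        return True

    def approve_and_update(self, t: Ticket, shown: bytes) -> Optional[Ticket]:
        """Updating mode: apply f once, then reissue the ticket with the shown
        value as the new collation information and one fewer valid use."""
        if not self._ticket_ok(t) or t.n < 1:
            return None
        if not hmac.compare_digest(f(shown), t.collation):
            return None
        self.superseded.add(t.tag)
        return seal(replace(t, collation=shown, n=t.n - 1,
                            issued_at=int(time.time())), self.mac_key)
```

Because the presentation information for the n-th use is f applied zero times, the last
use discloses the shared value itself, so that value should be derived per ticket, as
with the 2nd embodiment's f applied to the password and a random number, rather than
being the password.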



[0043] (A 2nd embodiment) In the authentication system of a 2nd embodiment, a client
means shows attestation presentation information to the authentication server means 22,
and requests an authentication ticket.

[0044] As shown in drawing 2, this authentication system comprises the client means 11
with a user interface, an authentication server means 12 which performs user
authentication, and the approval server means 3 which judges the access permission of
the client means 11 and performs use approval; the client means 11, the authentication
server means 12, and the approval server means 3 are connected by a wired or wireless
communication network. This approval server means 3 is the same as that of the 1st
embodiment (drawing 1). The authentication ticket returned to the client means 11 from
the authentication server means 12, the presentation information and approval ticket
which the client means 11 transmits to the approval server means 3, and the notice 8 of
approval returned to the client means 11 from the approval server means 3 are also the
same as in the 1st embodiment (drawing 1).

[0045]The client means 11 and the authentication server means 12 of this
authentication system share, as the confidential information 14, the result of performing
irreversible arithmetic operation f once on the concatenation of the password PW entered
via the user interface and the random number R obtained from the authentication server
means 12. As long as the irreversible arithmetic operation f has sufficiently safe
irreversibility, length of result, and randomness, a third party who does not know the
password PW cannot calculate this confidential information 14.

[0046]In the user authentication procedure of the client means 11 and the
authentication server means 12, the authentication server means 12 generates a random
number, shows this, and requires attestation presentation information of the client
means 11. The client means 11 computes the confidential information 14 by performing
irreversible arithmetic operation f once on the concatenation of the password PW and the
random number R obtained from the authentication server means 12. It then sends to the
authentication server means 12, as the attestation presentation information 13, the
result of performing irreversible arithmetic operation f a further n times on this
confidential information 14 (n+1 times in total; n is the number of times of effective
of the authentication ticket).

[0047]On the other hand, the authentication server means 12 checks from the attestation
presentation information 13 that the confidential information 14 corresponds, takes as
collation information the result of performing irreversible arithmetic operation f n
times on the confidential information 14, and returns the authentication ticket 5 with
an attestation child added to it. The client means 11 holds this in order to use it in
the use approval procedure. The attestation child is added for the purpose of preventing
alteration of the authentication ticket and proving its publisher, and a message
authentication code, a digital signature, etc. can be used.
[0048]In the use approval procedure of the client means 11 and the approval server
means 3, the result of the client means 11 performing irreversible arithmetic operation f
n-k times on the confidential information 14 (k is the use count of the authentication
ticket in the use approval procedure) is used as the presentation information 6. As long
as the irreversible arithmetic operation f has sufficiently safe irreversibility, length
of result, and randomness, a third party who does not know the confidential information
14 cannot calculate this presentation information 6, so this presentation information 6
shows that the client is a valid user who knows the confidential information 14. The
further back in the past a piece of presentation information was used, the more times
the irreversible arithmetic operation f has been performed on it, so the following
presentation information cannot be calculated from this presentation information 6, and
there is no necessity for encryption.
[0049]The client means 11 sends this presentation information 6 to the approval server
means 3 together with the authentication ticket 7 which it holds. The approval server
means 3 verifies the attestation child which the authentication ticket 7 includes,
checks that the result of carrying out irreversible arithmetic operation f k times on
the presentation information 6 agrees with the collation information which the
authentication ticket 7 includes, and, if it admits being just, returns the notice 8 of
approval.

[0050]By this method, the client means 11 can obtain use approval up to n times using
the authentication ticket 7, without revealing the confidential information 14 and the
password PW to a third party, including the approval server means 3.
[0051]Thus, in the authentication system of this embodiment, an authentication server
means generates a random number in a user authentication procedure, shows this, and
requires attestation presentation information of a client means. As the confidential
information at this time, the result of performing a predetermined irreversible
arithmetic operation once or more on the concatenation of user authentication
information and the random number is used, and the result of performing the
predetermined irreversible arithmetic operation n times on this confidential information
is shown as the attestation presentation information.
[0052]With such composition, in addition to the effect of the 1st embodiment, cipher
processing on the client side is unnecessary in the user authentication procedure as
well, and a single sign-on type authentication method and authentication system are
obtained in which the data processing of attestation presentation information and the
data processing of presentation information can be shared.

[0053](A 3rd embodiment) As shown in drawing 3, in the authentication system of a 3rd
embodiment, the random number for attestation generated by the client means 21 is shared
between the client means 21 and the authentication server means 22 as the confidential
information 24.

[0054]In this system, in the user authentication procedure, the authentication server
means 22 generates a random number, shows this, and requires attestation presentation
information of the client means 21. The client means 21 sends to the authentication
server means 22, as the attestation presentation information 23, the exclusive OR of the
result of performing irreversible arithmetic operation f once on the concatenation of
the password PW and the random number R obtained from the authentication server means
22, and the confidential information 24 which the client means 21 generated in secrecy.
In drawing 3, the sign "@" shows the exclusive OR (EXOR) operation.

[0055]On the other hand, the authentication server means 22 calculates back from the
attestation presentation information 23, the password PW, and the random number R, and
obtains the confidential information 25. It then performs irreversible arithmetic
operation f n times on this confidential information 25, takes the result as collation
information, and returns the authentication ticket 5 with an attestation child added to
it to the client means 21. The client means 21 holds this in order to use it in the use
approval procedure.
[0056]Suppose a third party who is not the valid user makes up the attestation
presentation information 23 arbitrarily. Even if that client means 21 can obtain the
authentication ticket 5, it does not know the confidential information 25 which the
server calculated back from the attestation presentation information 23 using the
password PW and the random number R. Therefore, the unjust access can be eliminated in
the following use approval procedure.
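The 3rd embodiment's exchange ([0054] to [0056]) as an added example, not code from the patent: it shows that a valid user's presentation is approved, while a third party who guesses the password still receives a ticket but cannot answer it. SHA-256 as the irreversible operation f, the 32-byte secret, and all function names are assumptions of this example.

```python
import hashlib
import hmac
import os


def H(data: bytes, steps: int = 1) -> bytes:
    """Irreversible operation f applied `steps` times (SHA-256 chosen here)."""
    for _ in range(steps):
        data = hashlib.sha256(data).digest()
    return data


def xor(a: bytes, b: bytes) -> bytes:
    if len(a) != len(b):
        raise ValueError("XOR operands must have equal length")
    return bytes(x ^ y for x, y in zip(a, b))


def client_presentation(password: bytes, r: bytes, secret: bytes) -> bytes:
    """Attestation presentation information 23: f(PW || R) XOR secret 24."""
    return xor(H(password + r), secret)


def server_collation(password: bytes, r: bytes, presentation: bytes, n: int) -> bytes:
    """Server side: calculate back confidential information 25, then hash n times."""
    recovered = xor(presentation, H(password + r))
    return H(recovered, n)


def approve(presented: bytes, k: int, collation: bytes) -> bool:
    """Approval server check: k more steps must reach the collation information."""
    return hmac.compare_digest(H(presented, k), collation)


def compare_valid_and_impostor(n: int = 4, k: int = 1):
    password, r = b"correct horse", os.urandom(16)   # constructed sample values
    # Valid user knows PW, so the server recovers exactly the client's secret.
    secret = os.urandom(32)
    ticket = server_collation(password, r, client_presentation(password, r, secret), n)
    valid = approve(H(secret, n - k), k, ticket)
    # Third party guesses PW: a ticket is issued, but over a value it cannot know.
    guess_secret = os.urandom(32)
    forged = client_presentation(b"wrong guess", r, guess_secret)
    bad_ticket = server_collation(password, r, forged, n)
    impostor = approve(H(guess_secret, n - k), k, bad_ticket)
    return valid, impostor
```
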
[0057]In the use approval procedure of the client means 21 and the approval server
means 3, the result of the client means 21 performing irreversible arithmetic operation f
n-k times on the confidential information 24 (k is the use count of the authentication
ticket in the use approval procedure) is used as the presentation information 6. As long
as the irreversible arithmetic operation f has sufficiently safe irreversibility, length
of result, and randomness, a third party who does not know the confidential information
24 cannot calculate this presentation information 6, so this presentation information 6
shows that the client is a valid user who knows the confidential information 24. The
further back in the past a piece of presentation information was used, the more times
the irreversible arithmetic operation f has been performed on it, so the following
presentation information cannot be calculated from this presentation information 6, and
there is no necessity for encryption.
[0058]The client means 21 sends this presentation information 6 to the approval server
means 3 together with the authentication ticket 7 which it holds. The approval server
means 3 verifies the attestation child which the authentication ticket 7 includes,
checks that the result of carrying out irreversible arithmetic operation f k times on
the presentation information 6 agrees with the collation information which the
authentication ticket 7 includes, and, if it admits being just, returns the notice 8 of
approval.

[0059]By this method, the client means 21 can obtain use approval up to n times using
the authentication ticket 7, without revealing the confidential information 24 and the
password PW to a third party, including the approval server means 3.
[0060]Thus, in the authentication system of this embodiment, an authentication server
means generates a random number in a user authentication procedure, shows this, and
requires attestation presentation information of a client means. Attestation
presentation information is the exclusive OR of the result of performing a
predetermined irreversible arithmetic operation once or more on the concatenation of
user authentication information and said random number, and the random number for
attestation (confidential information) which the client means generated. This
confidential information is calculated back from the attestation presentation
information by the authentication server means.

[0061]By such composition, the collation information which an authentication ticket
includes becomes unrelated to user authentication information. Therefore, a safer
single sign-on type authentication method and authentication system are obtained, in
which there is not even a possibility that user authentication information will be
guessed from an authentication ticket.

[0062](A 4th embodiment) A 4th embodiment explains the concrete communication
procedure in the authentication system of the 2nd embodiment, and the block
configuration of each means that performs it.

[0063]Drawing 4 is a protocol sequence diagram showing the protocol in this system.
In drawing 4, 31 is the client means which has a user interface, 32 is the
authentication server means which performs user authentication, and 33 is the approval
server means which judges an access permission and performs use approval. The sign "S
(K|-)" shows the attestation child attachment function which uses the key K.
[0064]In the user authentication procedure of the client means 31 and the
authentication server means 32, first, the client means 31 sends the authentication
demand Authenticate Request301, accompanied by the user-identification child UID and the
server identifier SID which were inputted via the user interface, to the authentication
server means 32. At this time, the authentication demand Authenticate Request301 may
also be accompanied by the number of times n of effective of the authentication ticket.
Otherwise, the authentication server simply defines a fixed number of times n of
effective.

[0065]On the other hand, the authentication server means 32 returns the attestation
challenge Challenge302, accompanied by the random number R0, which is generated so that
it differs each time. The client means 31 which received this returns the attestation
challenge answer Response303, accompanied by the result of applying n+1 steps of hash
operation H to the concatenation of the password PW inputted via the user interface and
the random number R0. The authentication server means 32 then carries out comparison
verification of the n+1-step hash operation result in challenge answer Response303
against the n+1-step hash operation result which it performed itself. If they are in
agreement, it admits it as just and returns the authentication ticket Ticket304, in
which an attestation child is added to the newly generated ticket identifier TID, the
n+1-step hash operation result, the time stamp TSO, the server identifier SID, and the
publisher identifier IID which shows the authentication server 32 itself. The client
means 31 holds this in order to use it in the use approval procedure.

[0066]In the use approval procedure of the client means 31 and the approval server
means 33, the client means 31 sends the approval demand Authorize Request and the
authentication ticket Ticket305 to the approval server means 33. At this time, the
approval demand Authorize Request may also be accompanied by the user-identification
child UID. On the other hand, the approval server means 33 returns the approval
challenge Challenge306, accompanied by the value k based on the use count of this
authentication ticket. The client means 31 which received this returns the approval
challenge answer Response307, accompanied by the result of applying n-k+1 steps of hash
operation H to the concatenation of the password PW and the random number R0.

[0067]As long as this hash operation H has sufficiently safe one-way nature, length of
result, and randomness, a third party who does not know the password PW and the random
number R0 cannot calculate this hash operation result, so this hash operation result
shows that the client is a valid user who knows the password PW. The further back in
the past a hash operation result was used, the more stages of hash operation H have
been performed on it, so the following hash operation result cannot be calculated from
this hash operation result, and there is no necessity for encryption. As such hash
operation H, algorithms such as MD5 and SHA can be used, for example.

[0068]On the other hand, the approval server means 32 performs a further k stages of
hash operation on the n-k+1-step hash operation result in the approval challenge answer
Response307, and carries out comparison verification of the result against the n+1-step
hash operation result in the authentication ticket Ticket. If they are in agreement, it
admits it as just, and the notice of approval Result308 is returned. At this time, the
notice 308 of approval may also be accompanied by the information Info to which access
was permitted by the use approval.
[0069]By the above protocol sequences, the client means 31 can obtain use approval
up to n times using the authentication ticket 304, without revealing the password PW to
a third party, including the approval server means 33.
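The protocol sequence of [0064] to [0069] as an added example, not code from the patent: it runs the two challenge-response exchanges and shows that a sniffed answer cannot be replayed once k has advanced, and that the ticket is refused after n uses. SHA-256 as hash operation H, an HMAC with a key shared by both servers as the attestation child, and all class, field and sample names are assumptions of this example.

```python
import hashlib
import hmac
import os
import time


def H(data: bytes, steps: int = 1) -> bytes:
    """Apply hash operation H `steps` times (SHA-256 is this example's choice)."""
    for _ in range(steps):
        data = hashlib.sha256(data).digest()
    return data


def attest(key: bytes, body: dict) -> bytes:
    """Attestation child, here an HMAC over the ticket fields (assumption)."""
    return hmac.new(key, repr(sorted(body.items())).encode(), hashlib.sha256).digest()


class AuthServer:
    def __init__(self, passwords: dict, key: bytes, iid: str = "IID-demo"):
        self.passwords, self.key, self.iid = passwords, key, iid
        self.pending, self.next_tid = {}, 0

    def challenge(self, uid: str, sid: str, n: int) -> bytes:
        """Authenticate Request301 -> Challenge302 with a fresh random number R0."""
        r0 = os.urandom(16)
        self.pending[uid] = (r0, sid, n)
        return r0

    def issue(self, uid: str, response: bytes):
        """Response303 -> Ticket304, or None when the n+1-step hashes differ."""
        r0, sid, n = self.pending.pop(uid)
        expected = H(self.passwords[uid] + r0, n + 1)
        if not hmac.compare_digest(expected, response):
            return None
        self.next_tid += 1
        body = {"tid": self.next_tid, "hash": expected, "n": n,
                "ts": time.time(), "sid": sid, "iid": self.iid}
        return dict(body, mac=attest(self.key, body))


class ApprovalServer:
    def __init__(self, sid: str, key: bytes, validity: float = 8 * 3600):
        self.sid, self.key, self.validity = sid, key, validity
        self.remaining = {}    # ticket list: TID -> uses still available
        self.outstanding = {}  # TID -> (k, collation hash) of the open challenge

    def challenge(self, ticket: dict):
        """Ticket305 -> Challenge306 carrying k, or None if the ticket is refused."""
        body = {f: v for f, v in ticket.items() if f != "mac"}
        if not hmac.compare_digest(attest(self.key, body), ticket.get("mac", b"")):
            return None                              # altered or forged ticket
        if body["sid"] != self.sid or time.time() - body["ts"] > self.validity:
            return None                              # wrong server or expired
        left = self.remaining.setdefault(body["tid"], body["n"])
        if left == 0:
            return None                              # all n uses consumed
        self.remaining[body["tid"]] = left - 1       # counted when challenged
        k = body["n"] - (left - 1)
        self.outstanding[body["tid"]] = (k, body["hash"])
        return k

    def verify(self, tid: int, response: bytes) -> bool:
        """Response307 -> Result308: k more hash steps must reach the ticket hash."""
        k, collation = self.outstanding.pop(tid, (0, b""))
        return k > 0 and hmac.compare_digest(H(response, k), collation)


class Client:
    def __init__(self, uid: str, password: bytes):
        self.uid, self.password = uid, password

    def authenticate(self, auth: AuthServer, sid: str, n: int) -> bool:
        r0 = auth.challenge(self.uid, sid, n)
        self.secret = H(self.password + r0)        # one-step hash, kept in secret
        self.ticket = auth.issue(self.uid, H(self.secret, n))  # n+1 steps in total
        return self.ticket is not None

    def respond(self, k: int) -> bytes:
        """n-k+1 steps over PW||R0, i.e. n-k further steps over the stored hash."""
        return H(self.secret, self.ticket["n"] - k)


def run_demo(n: int = 3) -> dict:
    """Constructed scenario: valid use, replay of a sniffed answer, exhaustion."""
    key = os.urandom(32)            # key shared by both servers (assumption)
    auth = AuthServer({"alice": b"correct horse"}, key)
    approval = ApprovalServer("SID-files", key)
    client = Client("alice", b"correct horse")
    client.authenticate(auth, "SID-files", n)
    tid = client.ticket["tid"]
    k1 = approval.challenge(client.ticket)
    sniffed = client.respond(k1)    # what an eavesdropper sees on the first use
    first = approval.verify(tid, sniffed)
    k2 = approval.challenge(client.ticket)
    replay = approval.verify(tid, sniffed)          # old answer against new k
    later = []
    while (k := approval.challenge(client.ticket)) is not None:
        later.append(approval.verify(tid, client.respond(k)))
    return {"k": (k1, k2), "first": first, "replay": replay, "later": later}
```

Because this sketch counts a use when the challenge is issued, the rejected replay consumes the second of the three uses.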

[0070]The composition of an authentication system with such a protocol sequence is
explained referring to the functional block diagram of drawing 5.
[0071]In drawing 5, 31 is the client means which has a user interface, 32 is the
authentication server means which performs user authentication, and 33 is the approval
server means which judges an access permission and performs use approval.

[0072]The client means 31 is provided with the following.

The 1st transmission and reception means 311 that transmits and receives data.

The input means 312 which obtains the input from a user.

A hash means 313 which concatenates two inputs and performs hash operation H.

The ticket holding mechanism 314 which holds the received authentication ticket.

The processing selecting means 315 which chooses processing according to the holding
state of an authentication ticket.

The secret memory measure 316 which memorizes a hash operation result in secrecy.

A multi stage hash means 317 which performs hash operation of the given number of
stages, or of the number of stages given by the difference of two given numerical values.

[0073]According to the kind of communication network, the 1st transmission and
reception means 311 comprises, for example, LAN interface devices such as a LAN card,
ISDN interface devices such as a terminal adapter, telephone interfacing units such as a
modem, wireless interface devices such as a portable data communication card and a
PIAFS card, infrared ray interface devices such as an IrDA module, etc., and may be
composed so as to use some of these selectively according to the communications
partner. The input means 312 comprises, for example, character input devices such as a
keyboard and a ten key, pointing devices such as a mouse, a trackball, and a pen tablet,
selection buttons, a combination of a dial and a display screen, or a touch panel. The
hash means 313 is constituted, for example, by combining a logic circuit and an
arithmetic circuit which incorporates the algorithm of hash operation H. For the ticket
holding mechanism 314, a memory circuit is used, for example. A logic circuit can be
used for the processing selecting means 315, for example. The secret memory measure 316
is constituted, for example, by a memory device with tamper-proof nature, like an IC
card. The multi stage hash means 317 is constituted, for example, by adding to the
arithmetic circuit which incorporates the algorithm of hash operation H a connection
which feeds back the output, a counter which counts the number of stages, an arithmetic
circuit which finds the difference of numerical values, etc. Each above-mentioned means
may be realized using a computer program on a microcomputer or a general purpose
computer. Alternatively, the computer program may be recorded on a program recording
medium in readable form, and the means realized by a composition combined with a
program-recording-medium reader.

[0074]The authentication server means 32 is provided with the following.

The 2nd transmission and reception means 321 that transmits and receives data.

The attestation time check means 322 which clocks current time.

The authentication information storage means 323 which accumulates user
authentication information such as a password.

The random number generating means 324 which generates a random number for
every user authentication processing.

A 2nd multi stage hash means 325 which performs hash operation H of a number of stages
one greater than the given number.

The attestation collation means 326 which carries out comparative collation of two
multi stage hash values.

The ticket identifier creating means 327 which generates a unique ticket identifier for
every authentication ticket issue.

The attestation child addition means 328 which generates the attestation child and adds
it to an authentication ticket.

[0075]According to the kind of communication network, the 2nd transmission and
reception means 321 comprises, for example, LAN interface devices such as a LAN card,
ISDN interface devices such as a terminal adapter, telephone interfacing units such as a
modem, wireless interface devices such as a portable data communication card and a
PIAFS card, infrared ray interface devices such as an IrDA module, etc. For the
attestation time check means 322, a timer counter is used, for example. The
authentication information storage means 323 comprises a mass memory device, and it is
better still if this is a memory device with tamper-proof nature. The random number
generating means 324 comprises, for example, an arithmetic circuit which incorporates a
random number generation algorithm, or a converter which turns electromagnetic noise
into data. The 2nd multi stage hash means 325 is constituted, for example, by adding to
the arithmetic circuit which incorporates the algorithm of hash operation H a connection
which feeds back the output, a counter which counts the number of stages, etc. The
attestation collation means 326 comprises a comparison circuit, for example. The ticket
identifier creating means 327 comprises, for example, a counter circuit with sufficient
bit length. The attestation child addition means 328 comprises an arithmetic circuit and
a memory circuit which incorporate an attestation child generation algorithm. Each
above-mentioned means may be realized using a computer program on a microcomputer or a
general purpose computer. Alternatively, the computer program may be recorded on a
program recording medium in readable form, and the means realized by a composition
combined with a program-recording-medium reader.

[0076]The approval server means 33 is provided with the following.

The 3rd transmission and reception means 331 that transmits and receives data.

The approval time check means 332 which clocks current time.

The attestation child verifying means 333 which verifies the attestation child added to
the authentication ticket.

The ticket effective judging means 334 which performs the validity judging of an
authentication ticket.

The ticket use management tool 335 which manages the ticket identifier of an
authentication ticket, the number of times of effective, and the remaining number of
times of available.

The 3rd multi stage hash means 336 that performs hash operation H of the given number
of stages.

The approval collation means 337 which carries out comparative collation of two multi
stage hash values.

[0077]According to the kind of communication network, the 3rd transmission and
reception means 331 comprises, for example, LAN interface devices such as a LAN card,
ISDN interface devices such as a terminal adapter, telephone interfacing units such as a
modem, wireless interface devices such as a portable data communication card and a
PIAFS card, infrared ray interface devices such as an IrDA module, etc. For the
approval time check means 332, a timer counter is used, for example. The attestation
child verifying means 333 comprises an arithmetic circuit and a memory circuit which
incorporate an attestation child verification algorithm. The ticket effective judging
means 334 is constituted by a combination of comparison circuits, for example. The
ticket use management tool 335 is constituted by the combination of an arithmetic
circuit which calculates the using frequency, and a mass memory device. The 3rd multi
stage hash means 336 consists, for example, of the same arithmetic circuit as the 2nd
multi stage hash means 325, with a changed preset value of the counter. The approval
collation means 337 comprises a comparison circuit, for example. Each above-mentioned
means may be realized using a computer program on a microcomputer or a general purpose
computer. Alternatively, the computer program may be recorded on a program recording
medium in readable form, and the means realized by a composition combined with a
program-recording-medium reader.

[0078]The operation of the authentication method and authentication system constituted
as mentioned above is explained below, referring to drawing 6. Here, the case where the
authentication demand Authenticate Request301 is accompanied by the number of times n of
effective of the authentication ticket is explained.
[0079]First, in the client means 31, the user-identification child UID which shows the
user, the password PW for user authentication registered beforehand in the
authentication server means 32, the server identifier SID of the object from which use
approval is obtained, and the number of times n of effective of an authentication ticket
are inputted into the input means 312 as the user input 300 (ST3101, ST3104). The input
means 312 holds the user input 300 temporarily, and takes out the server identifier 3101
and sends it to the ticket holding mechanism 314. The ticket holding mechanism 314
searches for the authentication ticket data corresponding to the server identifier 3101
(ST3102), and sends the notice 3102 of search results to the processing selecting means
315. When the notice 3102 of search results shows absence, the processing selecting
means 315 sends the user authentication processing starting information 3103 to said
input means 312 and the multi stage hash means 317, and when it shows presence (ST3103),
it sends the use approval procedure starting information 3104 to said ticket holding
mechanism 314, the secret memory measure 316, and the multi stage hash means 317.

[0080]When the user authentication starting information 3103 is given, said input means
312 sends the set 3105 of the user-identification child, the server identifier, and the
number of times of effective, taken out from the temporarily held user input 300, to the
authentication server means 32 as the authentication demand Authenticate Request301 via
the 1st transmission and reception means 311 (ST3105). It also sends the number of times
3106 of effective to the multi stage hash means 317, and the password 3107 to the hash
means 313.



[0081]In the authentication server means 32, the authentication demand Authenticate
Request301 is received by the 2nd transmission and reception means 321. The taken-out
user-identification child 3201 is sent to the authentication information storage means
323, the number of times 3202 of effective is sent to the 2nd multi stage hash means 325
and the attestation child addition means 328, and the server identifier 3203 is sent to
the attestation child addition means 328 (ST3201). The authentication information
storage means 323 searches for the password corresponding to the user-identification
child 3201 (ST3202). If one exists (ST3203), it sends the password 3204 to the 2nd multi
stage hash means 325, and the notice 3205 of search results is sent to the random number
generating means 324 and the 2nd multi stage hash means 325.
[0082]When the notice 3205 of search results shows presence, the random number
generating means 324 newly generates at random the challenge random number 3206 for data
disturbance, sends it to the 2nd multi stage hash means 325, and sends it to the client
means 31 as the attestation challenge Challenge302 via the 2nd transmission and
reception means 321 (ST3204). When the notice 3205 of search results shows presence, the
2nd multi stage hash means 325 performs hash operation H, of a number of stages one
greater than the number of times 3202 of effective, on the concatenation of the password
3204 and the challenge random number 3206, and sends the resulting multi stage hash
value 3207 to the attestation collation means 326 (ST3205).

[0083]On the other hand, in the client means 31, the attestation challenge Challenge302
is received by the 1st transmission and reception means 311, and the challenge random
number 3108 is taken out and sent to the hash means 313 (ST3106). The hash means 313
performs hash operation H on the concatenation of the password 3107 and the challenge
random number 3108 (ST3107), and sends the resulting hash value 3109 to the secret
memory measure 316 and the multi stage hash means 317. The secret memory measure 316
memorizes the hash value 3109 in secrecy, and permits only predetermined access, i.e.,
addition and renewal in a user authentication procedure and reference in a use approval
procedure (ST3108). When the user authentication procedure starting information 3103 is
given, the multi stage hash means 317 performs hash operation H of the number of stages
equal to the number of times 3106 of effective on the hash value 3109 (ST3109), and
sends the resulting multi stage hash value 3114 to the authentication server means 32 as
the attestation challenge answer Response303 via the 1st transmission and reception
means 311 (ST3110).

[0084]On the other hand, in the authentication server means 32, the attestation
challenge answer Response303 is received by the 2nd transmission and reception means
321, and the multi stage hash value 3208 is taken out and sent to the attestation
collation means 326 (ST3206). The attestation collation means 326 performs the
coincidence decision of the multi stage hash value 3207 and the multi stage hash value
3208 (ST3207), sends the collated result 3209 to the ticket identifier creating means
327, and sends the multi stage hash value 3208 as it is to the attestation child
addition means 328 as the multi stage hash value 3210. When the collated result 327
shows coincidence, the ticket identifier creating means 327 generates the effective
ticket identifier 3212, and sends it to the attestation child addition means 328
(ST3208).

[0085]The attestation time check means 322 clocks current time and supplies the time
stamp 3211 based on current time to the attestation child addition means 328. The
attestation child addition means 328 concatenates the ticket identifier 3212, the multi
stage hash value 3210, the number of times 3202 of effective, the time stamp 3211, the
server identifier 3203, and the publisher identifier which shows the authentication
server 32 itself, generates an attestation child for this and adds it to form the
authentication ticket data 3213 (ST3209), and sends it to the client means 31 as the
authentication ticket Ticket304 via the 2nd transmission and reception means 321
(ST3210).

[0086]On the other hand, in the client means 31, the authentication ticket Ticket304 is
received by the 1st transmission and reception means 311, and the authentication ticket
data 3110 is taken out and sent to said ticket holding mechanism 314 (ST3111). Said
ticket holding mechanism 314 matches the authentication ticket data 3110 with the server
identifier 3101 and holds it (ST3112). When the use approval procedure starting
information 3104 is given, it sends the authentication ticket data 3111, as the
authentication ticket Ticket305 accompanying the approval demand Authorize Request, to
the approval server means 33 via the 1st transmission and reception means 311 (ST3113),
and takes out the number of times 3112 of effective from the authentication ticket data
and sends it to the multi stage hash means 317.
[0087]On the other hand, in the approval server means 33, the approval demand Authorize
Request accompanied by the authentication ticket Ticket305 is received by the 3rd
transmission and reception means 331, and the authentication ticket data 3301 is taken
out and sent to the attestation child verifying means 333 (ST3301). The attestation
child verifying means 333 verifies the consistency between the attestation child of the
authentication ticket data 3301 and the data portion other than the attestation child,
and sends the verification result 3304 to the ticket effective judging means 334
(ST3304). It also takes out the time stamp 3302 and the server identifier 3303 from the
data portion and sends them to the ticket effective judging means 334, and takes out the
ticket identifier 3305, the multi stage hash value 3306, the number of times 3307 of
effective, and the publisher identifier 3308 and sends them to the ticket use management
tool 335.

[0088]The approval time check means 332 clocks current time and supplies the time
stamp 3309 based on current time to the ticket effective judging means 334. When the
verification result 3304 shows no error (ST3305), the ticket effective judging means 334
performs the coincidence decision of the server identifier 3303 and the self-server
identifier held inside (ST3302, ST3303), confirms that the difference of the time stamp
3302 and the time stamp 3309 based on current time is within the limits of the
predetermined term of validity (ST3306, ST3307), and when all are true, sends the ticket
effective notice 3310 to the ticket use management tool 335. If this term of validity is
set short, security improves but user convenience falls; if it is set long, user
convenience improves but security falls, so it should be defined taking this balance
into consideration. For example, if applied to a business-use system in which severe
security is not demanded, it suffices to set it to 8 to 12 hours, which can cover one
day's office hours. However, even at the shortest, it needs to cover the response time
between the client and the server and the time error between the respective time check
means.

[0089] The ticket use management tool 335 manages a ticket list. When the ticket
effective notice 3310 is given, it searches the ticket list to determine whether the
ticket identifier 3305 is already in use, that is, already registered (ST3308). If
there is no matching entry, it adds to the ticket list and stores a set consisting of
the ticket identifier 3305, the number of effective uses 3307, and a number of
remaining uses whose initial value is the number of effective uses 3307 (ST3309,
ST3310). The multi stage hash value 3306 and the publisher identifier 3308 may be
stored along with them. For this added set, or for a matching entry found by the
search, the ticket use management tool 335 reduces the number of remaining uses by
one and obtains the use count 3311 as the difference between the number of effective
uses and the number of remaining uses (ST3311). It sends this to the client means 31
as approval challenge Challenge306 via the 3rd transmission and reception means 331
(ST3312), and also sends it to the 3rd multi stage hash means 336. The multi stage
hash value 3306 is passed unchanged to the approval collation means 337 as the multi
stage hash value 3312.
[0090]On the other hand, in the client means 31, approval challenge Challenge306 is
received by the 1st transmission and reception means 311, and the use count 3115 is
taken out and sent to the multi stage hash means 317 (ST3114). When the use approval
procedure starting information 3104 is given, the multi stage hash means 317 obtains
the hash value 3113 from said secret memory measure 316 (ST3115) and performs hash
operation H on the hash value 3113 for a number of stages equal to the difference
between the number of effective uses 3112 and the use count 3115 (ST3116). The
resulting multi stage hash value 3116 is sent to the approval server means 33 as
approval challenge answer Response307 via the 1st transmission and reception means
311 (ST3117).

[0091]As long as hash operation H is sufficiently safe in its one-way property, the
length of its result, and its randomness, a third party who does not know the
password PW and the random number R0 cannot calculate this multi stage hash value
3116. This multi stage hash value 3116 therefore shows that the sender is a valid
user who knows the password PW. Because the multi stage hash values are used in order
of decreasing number of stages of hash operation H, as if going back into the past,
the next multi stage hash value cannot be calculated from this multi stage hash value
3116 either, so there is no need for encryption. Hash operation is generally said to
be 100 or more times faster than a cipher operation, so with a suitable number of
stages the processing is faster than when a cipher is used.
[0092]On the other hand, in the approval server means 33, approval challenge answer
Response307 is received by the 3rd transmission and reception means 331, and the
multi stage hash value 3313 is taken out and sent to the 3rd multi stage hash means
336 (ST3313). The 3rd multi stage hash means 336 performs hash operation H on the
multi stage hash value 3313 for a number of stages equal to the use count 3311, and
sends the resulting secondary multi stage hash value 3314 to the approval collation
means 337 (ST3314). The approval collation means 337 checks whether the multi stage
hash value 3312 and the secondary multi stage hash value 3314 match (ST3315, ST3316).
If they do, the notice of approval 3315 is sent to the client means 31 as notice of
approval Result308 via the 3rd transmission and reception means 331 (ST3317), and it
is received in the client means 31 (ST3118). By this method, the client means 31 can
obtain use approval up to n times using the authentication ticket 305 without
revealing the password PW to a third party, including the approval server means 33.

[0093]Although the above explanation has the client means 31 calculate the multi
stage hash value at every use approval procedure, the multi stage hash values for all
numbers of stages may instead be precomputed when the authentication ticket is
acquired and stored in the secret memory measure 316. In that case a larger-capacity
tamper-resistant memory device is needed as the secret memory measure 316, but the
processing time of each use approval procedure can be shortened further.
[0094]Next, for the authentication system of the 4th embodiment shown in drawing 5, a
detailed example of the composition and operation of the attestation child addition
means 328 and the attestation child verifying means 333 when a message authorization
code is used as the attestation child is explained with reference to drawing 7 and
drawing 8.

[0095]As shown in drawing 7, the attestation child addition means 328 is provided
with the following.

The self-identifier storage means 328A, which stores the identifier of the
authentication server itself.

Data connecting mechanism 328B, which connects data.

A connection data hash means 328C, which performs hash operation h.

The server common key memory measure 328D, which stores the server common key that
authentication server means 31 and approval server means 32 hold in common as a
secret.

The common key system cryptographer stage 328E, which performs cipher processing of a
common key system.

Attestation child connecting mechanism 328F, which connects an attestation child with
data.



[0096]This self-identifier storage means 328A comprises a memory, for example. The
data connecting mechanism 328B can consist of logic circuits, for example. The
connection data hash means 328C comprises, for example, an arithmetic circuit that
incorporates the algorithm of hash operation h. Hash operation h may be the same as
hash operation H or may differ from it. The server common key memory measure 328D
comprises a memory, for example, and is preferably a tamper-resistant memory device.
The common key system cryptographer stage 328E comprises, for example, an arithmetic
circuit or a dedicated cipher-processing processor that incorporates the
cryptographic algorithm. DES, Triple DES, etc. can be used as the cryptographic
algorithm here, for example. The attestation child connecting mechanism 328F
comprises a logic circuit, for example.
[0097]As shown in drawing 8, the attestation child verifying means 333 is provided
with the attestation child separating mechanism 333A, which separates an attestation
child from data; the 2nd connection data hash means 333B, which performs hash
operation h; the 2nd server common key memory measure 333C, which stores the server
common key that authentication server means 31 and approval server means 32 hold in
common as a secret; the 2nd common key system cryptographer stage 333D, which
performs cipher processing of a common key system; the data separation means 333E,
which divides and separates the data division; the publisher identifier collation
means 333F, which collates a publisher identifier; and the comparison means 333G,
which compares and verifies the message authorization code.

[0098]This attestation child separating mechanism 333A comprises a logic circuit, for
example. The 2nd connection data hash means 333B, the 2nd server common key memory
measure 333C, and the 2nd common key system cryptographer stage 333D are constituted
like 328C, 328D, and 328E in drawing 7, respectively. The data separation means 333E
comprises a logic circuit, for example. The publisher identifier collation means 333F
comprises a memory circuit and a comparison circuit, for example. The comparison
means 333G is constituted by a combination of comparison circuits, for example. Each
above-mentioned means may be realized using a computer program on a microcomputer or
a general purpose computer. Alternatively, the computer program may be recorded on a
program recording medium in readable form, and the means realized in combination
with a program-recording-medium reader.
[0099]The operation of the attestation child addition means 328 and the attestation
child verifying means 333 constituted as mentioned above is explained. In the
attestation child addition means 328, the identifier of the authentication server
itself is first supplied from the self-identifier storage means 328A to the data
connecting mechanism 328B as the publisher identifier 328a. The data connecting
mechanism 328B arranges and connects, in a defined order, the number of effective
uses 3202 and the server identifier 3203 acquired from the 2nd transmission and
reception means 321, the multi stage hash value 3210 obtained from the attestation
collation means 326, the time stamp 3211 obtained from the attestation time check
means 322, the ticket identifier 3212 obtained from the ticket identifier creating
means 327, and the publisher identifier 328a obtained from the self-identifier
storage means 328A, and sends the result to the connection data hash means 328C and
the attestation child connecting mechanism 328F as the data division 328b.
[0100]The connection data hash means 328C performs hash operation h on the data
division 328b and sends the resulting hash value 328c to the common key system
cryptographer stage 328E. The common key system cryptographer stage 328E obtains the
server common key 328d from the server common key memory measure 328D, uses it as the
encryption key to encipher the hash value 328c, and sends the result to the
attestation child connecting mechanism 328F as the message authorization code 328e.
The attestation child connecting mechanism 328F connects the message authorization
code 328e with the data division 328b and outputs the authentication ticket data
3213.

[0101]In the attestation child verifying means 333, the authentication ticket data
3301 is first inputted into the attestation child separating mechanism 333A and
separated into the message authorization code 333a and the data division 333b. The
message authorization code 333a is sent to the comparison means 333G, and the data
division 333b is sent to the 2nd connection data hash means 333B and the data
separation means 333E, respectively. The 2nd connection data hash means 333B performs
hash operation h on the data division 333b and sends the resulting hash value 333c to
the 2nd common key system cryptographer stage 333D. The 2nd common key system
cryptographer stage 333D obtains the server common key 333d from the 2nd server
common key memory measure 333C, uses it as the encryption key to encipher the hash
value 333c, and sends the result to the comparison means 333G as the message
authorization code 333e for comparison. The data separation means 333E separates the
data division 333b into the time stamp 3302, the server identifier 3303, the ticket
identifier 3305, the multi stage hash value 3306, the number of effective uses 3307,
and the publisher identifier 3308 and outputs them, and also sends the publisher
identifier 3308 to the publisher identifier collation means 333F. The publisher
identifier collation means 333F checks whether the publisher identifier 3308 is an
identifier of the authentication server 32 and sends the collated result 333f to the
comparison means 333G. The comparison means 333G outputs the verification result 3304
based on whether the collated result 333f shows coincidence and whether the message
authorization code 333a and the message authorization code 333e for comparison are in
agreement. The verification result 3304 shows no error when each of these is in
agreement.

[0102]Next, for the authentication system of the 4th embodiment of drawing 5, the
composition and operation of the attestation child addition means 328 and the
attestation child verifying means 333 when a digital signature is used as the
attestation child are explained with reference to drawing 9 and drawing 10. Drawing 9
differs from drawing 7 in that, instead of the server common key memory measure 328D
and the common key system cryptographer stage 328E, it has the self-secret key memory
measure 328G, which stores the public key system secret key of the authentication
server 32 itself, and the public key system cryptographer stage 328H, which performs
cipher processing of a public key system. A memory can be used as the self-secret key
memory measure 328G, for example, and a tamper-resistant memory device is preferable.
As the public key system cryptographer stage 328H, an arithmetic circuit or a
dedicated cipher-processing processor that incorporates the cryptographic algorithm
can be used, for example. RSA, an elliptic curve cryptosystem, etc. can be used as
the cryptographic algorithm here, for example.

[0103]Drawing 10 differs from drawing 8 in that, instead of the 2nd server common key
memory measure 333C, the 2nd common key system cryptographer stage 333D, and the
publisher identifier collation means 333F, it has the server public key accumulation
means 333H, which accumulates one or more public keys of the authentication server
means 31, each matched with a server identifier, and the public key system decoding
means 333J, which performs decoding processing of a public key system code, and in
that the connections between these have been changed. The server public key
accumulation means 333H may accumulate not only the public key of the authentication
server means 32 but also that of the approval server means 33. A memory circuit can
be used as the server public key accumulation means 333H, for example, and a
large-capacity memory device is preferable. As the public key system decoding means
333J, an arithmetic circuit or a dedicated cipher-processing processor that
incorporates the decoding algorithm can be used, for example. Needless to say, the
decoding algorithm used here is the one corresponding to the cryptographic algorithm
in the public key system cryptographer stage 328H. Each above-mentioned means may be
realized using a computer program on a microcomputer or a general purpose computer.
Alternatively, the computer program may be recorded on a program recording medium in
readable form, and the means realized in combination with a program-recording-medium
reader.

[0104]The operation of the attestation child addition means 328 and the attestation
child verifying means 333 constituted as mentioned above is explained. In the
attestation child addition means 328, the operation of the self-identifier storage
means 328A, the data connecting mechanism 328B, and the connection data hash means
328C is the same as in the case of drawing 7. The data division 328b is supplied to
the attestation child connecting mechanism 328F, and the hash value 328c is supplied
to the public key system cryptographer stage 328H, respectively. The public key
system cryptographer stage 328H obtains the self-secret key 328f from the self-secret
key memory measure 328G, uses it as the encryption key to encipher the hash value
328c, and sends the result to the attestation child connecting mechanism 328F as the
digital signature 328g. The attestation child connecting mechanism 328F connects the
digital signature 328g with the data division 328b and outputs the authentication
ticket data 3213.
[0105]In the attestation child verifying means 333, the authentication ticket data
3301 is first inputted into the attestation child separating mechanism 333A and
separated into the digital signature 333g and the data division 333b. The digital
signature 333g is sent to the public key system decoding means 333J, and the data
division 333b is sent to the 2nd connection data hash means 333B and the data
separation means 333E, respectively. The 2nd connection data hash means 333B performs
hash operation h on the data division 333b and sends the resulting hash value 333h to
the comparison means 333G. The data separation means 333E separates the data division
333b into the time stamp 3302, the server identifier 3303, the ticket identifier
3305, the multi stage hash value 3306, the number of effective uses 3307, and the
publisher identifier 3308 and outputs them, and also sends the publisher identifier
3308 to the server public key accumulation means 333H. The server public key
accumulation means 333H searches and collates whether the publisher identifier 3308
is an identifier of the known authentication server 31 (or approval server 32), sends
the collated result 333i to the comparison means 333G, and sends the server public
key 333j corresponding to the publisher identifier 3308 to the public key system
decoding means 333J.

[0106]The public key system decoding means 333J uses the server public key 333j as
the decode key, decrypts the digital signature 333g, and sends the result to the
comparison means 333G as the hash value 333k for comparison. The comparison means
333G outputs the verification result 3304 based on whether the collated result 333i
shows coincidence and whether the hash value 333h and the hash value 333k for
comparison are in agreement. The verification result 3304 shows no error when each
of these is in agreement.
[0107]Thus, when an authentication system takes the composition of this embodiment,
use approval processing can be performed within a practical processing time even if
the client side is a device with low computation capability.
[0108](A 5th embodiment) The 5th embodiment explains a concrete communication
procedure in the authentication system of the 3rd embodiment and the block
configuration of each means that performs it.

[0109] Drawing 11 is a protocol sequence diagram showing the protocol of the
authentication system in the 5th embodiment. Drawing 11 differs from drawing 4 in the
client means 41 with a user interface and the authentication server means 42 that
performs user authentication; the approval server means 33 is unchanged. It differs
in the following points. Attestation challenge answer Response401 is accompanied by
the exclusive OR (the sign "@" shows the EXCLUSIVE OR operation) of two values: the
result of applying 1 stage of hash operation H to the concatenation of the password
PW inputted via the user interface and the random number R0, and the random number S0
for attestation that the client means 41 generated in secrecy. The hash operation
result accompanying authentication tickets Ticket402 and 403 is the n-stage hash
operation result on the random number S0 for attestation. The hash operation result
accompanying approval challenge answer Response404 is the (n-k)-stage hash operation
result on the random number S0 for attestation.

[0110]By the above protocol sequence, the client means 41 can obtain use approval up
to n times using the authentication ticket 402 without revealing the password PW to a
third party, including the approval server means 33. Moreover, since the contents of
the authentication ticket 402 are unrelated to the password PW, the ticket does not
even become a target of attack by an unauthorized third party trying to steal the
password PW, so safety is higher.

[0111]The composition of an authentication system with such a protocol sequence is
explained with reference to the functional block diagram of drawing 12.
[0112]Also in drawing 12, the client means 41 with a user interface and the
authentication server means 42 that performs user authentication differ from drawing
5, and the approval server means 33 is unchanged. The client means 41 differs from
the client means 31 of drawing 5 in that it is provided with the random number
generating means 411 for attestation, which generates a random number for every user
authentication processing, and the 1st exclusive OR means 412, which performs the
EXCLUSIVE OR operation bit by bit, and in that part of the connections has been
changed. The authentication server means 42 differs from the authentication server
means 32 of drawing 5 in that, instead of the 2nd multi stage hash means 325 and the
attestation collation means 326, it is provided with the 2nd hash means 421, which
performs hash operation H, the 2nd exclusive OR means 422, which performs the
EXCLUSIVE OR operation bit by bit, and the 2nd multi stage hash means 423, which
performs hash operation H for a given number of stages, and in that part of the
connections has been changed. As the random number generating means 411 for
attestation, an arithmetic circuit that incorporates a random number generation
algorithm, or a converter that digitizes electromagnetic noise, can be used, for
example. As the 1st and 2nd exclusive OR means 412 and 422, a logic circuit can be
used, for example. As the 2nd hash means 421, an arithmetic circuit that incorporates
the algorithm of hash operation H can be used, for example. The 2nd multi stage hash
means 423 can be constituted, for example, by adding to the same arithmetic circuit
as 421 a connection that feeds back its output and a counter or the like that counts
the number of stages. Each above-mentioned means may be realized using a computer
program on a microcomputer or a general purpose computer. Alternatively, the computer
program may be recorded on a program recording medium in readable form, and the means
realized in combination with a program-recording-medium reader.

[0113]The operation of the authentication system constituted as mentioned above is
explained with reference to drawing 13. Here, the case where authentication demand
Authenticate Request301 is accompanied by the number n of effective uses of the
authentication ticket is explained.

[0114]First, in the client means 41 and the authentication server means 42, the
operation of the 1st and 2nd transmission and reception means 311 and 321, the input
means 312, the ticket holding mechanism 314, the processing selecting means 315, the
authentication information storage means 323, and the random number generating means
324 is the same as in the case of drawing 5 and drawing 6. Authentication demand
Authenticate Request301 and attestation challenge Challenge302 are exchanged. The
client means 41 obtains the user authentication processing starting information 4101
or the use approval procedure starting information 3104, and the authentication
server means 42 obtains the number of effective uses 4201, the server identifier
3203, the password 3204, the notice 4202 of search results, and the challenge random
number 3206. However, it differs in the following points: the user authentication
processing starting information 4101 is sent to said input means 312, the random
number generating means 411 for attestation, and the 1st exclusive OR means 412; the
number of effective uses 4201 is sent to the 2nd multi stage hash means 423 and the
attestation child addition means 328; the notice 4202 of search results is sent to
the 2nd hash means 421, the random number generating means 324, and the ticket
identifier creating means 327; and the challenge random number 3206 is sent to the
2nd hash means 421 as well as to the client means 41 via the 2nd transmission and
reception means 321.

[0115]Next, in the client means 41, when the user authentication processing starting
information 4101 is given, the random number generating means 411 for attestation
newly generates, at random and in secrecy, the random number 4102 for attestation
used for the proof of authentication, and sends it to the 1st exclusive OR means 412
and the secret memory measure 316 (ST4101). The secret memory measure 316 stores the
random number 4102 for attestation in secrecy and permits only predetermined access,
i.e., addition or update in a user authentication procedure and reference in a use
approval procedure (ST4102). When the user authentication processing starting
information 4101 is given, the 1st exclusive OR means 412 performs the EXCLUSIVE OR
operation bit by bit between the hash value 4103 obtained from the hash means 313 and
the random number 4102 for attestation. The disturbance hash value 4104 obtained as a
result is sent to the authentication server means 42 as attestation challenge answer
Response401 via the 1st transmission and reception means 311 (ST4103, ST4104).
[0116]On the other hand, in the authentication server means 42, attestation challenge
answer Response401 is received by the 2nd transmission and reception means 321, and
the disturbance hash value 4204 is taken out and sent to the 2nd exclusive OR means
422 (ST4202). Meanwhile, when the notice 4202 of search results shows owner **, the
2nd hash means 421 performs hash operation H on the concatenation of the password
3204 and the challenge random number 3206, and supplies the resulting hash value 4203
to the 2nd exclusive OR means 422 (ST4201). The 2nd exclusive OR means 422 performs
the EXCLUSIVE OR operation bit by bit between the hash value 4203 obtained from the
2nd hash means 421 and the disturbance hash value 4204, and sends the random number
4205 for attestation obtained as a result to the 2nd multi stage hash means 423
(ST4203). The 2nd multi stage hash means 423 performs hash operation H on the random
number 4205 for attestation for a number of stages equal to the number of effective
uses 4201, and sends the resulting multi stage hash value 4206 to the attestation
child addition means 328 (ST4204).
[0117]The subsequent operation of the ticket identifier creating means 327, the
attestation time check means 322, and the attestation child addition means 328 is the
same as in the case of drawing 4 and drawing 5, with the following differences. The
ticket identifier creating means 327 uses the notice 4202 of search results instead
of the collated result 3209. The attestation child addition means 328 uses the number
of effective uses 4201 and the multi stage hash value 4206 instead of the number of
effective uses 3202 and the multi stage hash value 3210. The authentication ticket
data 4207, whose contents differ from the authentication ticket data 3213, is
obtained (ST4205), and it is sent to the client means 41 as authentication ticket
Ticket402 via the 2nd transmission and reception means 321.

[0118]On the other hand, in the client means 41, said 1st transmission and reception
means 311 and said ticket holding mechanism 314 operate as in the case of drawing 5
and drawing 6. When the use approval procedure starting information 3104 is given,
authentication ticket Ticket403 is sent to the approval server means 33 with the
approval demand Authorize Request, and the number of effective uses 3112 is supplied
to the multi stage hash means 317.

[0119]The operation of the approval server means 33 in response is the same as in the
case of drawing 5 and drawing 6, and approval challenge Challenge306 is returned.
[0120]On the other hand, in the client means 41, said 1st transmission and reception
means 311 and the multi stage hash means 317 operate as in the case of drawing 5 and
drawing 6. However, what is obtained from said secret memory measure 316 is the
random number 4105 for attestation (ST4105), and the processing is performed on it.
Namely, the multi stage hash means 317 performs hash operation H for a number of
stages equal to the difference between the number of effective uses 3112 and the use
count 3115 (ST4106), and the resulting multi stage hash value 4106 is sent to the
approval server means 33 as approval challenge answer Response404 via the 1st
transmission and reception means 311 (ST4107).
[0121]The multi stage hash value accompanying approval challenge answer Response404
that the approval server means 33 thereby obtains, and the multi stage hash value
accompanying authentication ticket Ticket403, differ from the case of drawing 5 and
drawing 6 only in what is hashed, and the operational relation between the former and
the latter is maintained. Therefore, the operation of the approval server means 33
may be the same as in the case of drawing 5 and drawing 6: it checks the relation
between the two multi stage hash values and, if it accepts the relation as correct,
returns notice of approval Result308, which is received in the client means 41. By
this method, use approval can be obtained up to n times without revealing the
password PW to a third party, including the approval server means 33, using the
authentication ticket 402, which is unrelated to the password PW of the client means
41 and therefore higher in safety.

[0122]Although the above explanation has the client means 41 calculate the multi
stage hash value at every use approval procedure, the multi stage hash values for all
numbers of stages may instead be precomputed when the authentication ticket is
acquired and stored in the secret memory measure 316. In that case a larger-capacity
tamper-resistant memory device is needed as the secret memory measure 316, but the
processing time of each use approval procedure can be shortened further.
[0123]Thus, when an authentication system takes the composition of this embodiment,
use approval processing can be performed within a practical processing time even if
the client side is a device with low computation capability. Since the collation
information included in an authentication ticket becomes unrelated to user
authentication information, there is no longer any possibility that user
authentication information will be guessed from an authentication ticket, and a
single sign-on type authentication method and authentication system with higher
safety are obtained.
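
The 5th-embodiment exchange described above (Response401, Ticket402, Challenge306, Response404), as an added Python example that is not part of the patent text. SHA-256 for hash operation H, HMAC-SHA256 in place of the enciphered-hash attestation child, the JSON ticket encoding, and every class, field, and identifier name are assumptions.

```python
import hashlib
import hmac
import json
import secrets


def H(data: bytes, stages: int = 1) -> bytes:
    """Hash operation H applied `stages` times (SHA-256 is an assumption)."""
    for _ in range(stages):
        data = hashlib.sha256(data).digest()
    return data


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def mac(key: bytes, body: bytes) -> bytes:
    # Stand-in for the attestation child: the text hashes the data division and
    # enciphers the hash with the server common key; HMAC-SHA256 is used here.
    return hmac.new(key, body, hashlib.sha256).digest()


class Client:
    def __init__(self, password: bytes):
        self.password = password
        self.s0 = b""  # random number for attestation, held in secret memory

    def attestation_response(self, r0: bytes) -> bytes:
        """Response401: H(PW || R0) XOR S0, with a fresh S0 per authentication."""
        self.s0 = secrets.token_bytes(32)
        return xor(H(self.password + r0), self.s0)

    def approval_response(self, n: int, k: int) -> bytes:
        """Response404: H applied (n - k) times to S0."""
        return H(self.s0, n - k)


class AuthServer:
    def __init__(self, password: bytes, server_key: bytes, issuer_id: str):
        self.password, self.server_key, self.issuer_id = password, server_key, issuer_id
        self.r0 = b""

    def challenge(self) -> bytes:
        self.r0 = secrets.token_bytes(32)  # challenge random number R0
        return self.r0

    def issue_ticket(self, response: bytes, n: int, server_id: str, now: int):
        """Recover S0 from the response and bind H^n(S0) into a MACed ticket."""
        s0 = xor(H(self.password + self.r0), response)
        body = json.dumps({
            "ticket_id": secrets.token_hex(8), "n": n, "server_id": server_id,
            "issuer_id": self.issuer_id, "ts": now, "chain": H(s0, n).hex(),
        }, sort_keys=True).encode()
        return body, mac(self.server_key, body)


class ApprovalServer:
    def __init__(self, server_key, server_id, issuer_id, validity=8 * 3600):
        self.server_key, self.server_id = server_key, server_id
        self.issuer_id, self.validity = issuer_id, validity
        self.tickets = {}  # ticket list: ticket_id -> n, remaining uses, chain value

    def challenge(self, body: bytes, tag: bytes, now: int):
        """Validate the ticket and return (ticket_id, k), or None if refused."""
        if not hmac.compare_digest(tag, mac(self.server_key, body)):
            return None
        t = json.loads(body)
        if t["issuer_id"] != self.issuer_id or t["server_id"] != self.server_id:
            return None
        if not 0 <= now - t["ts"] <= self.validity:
            return None
        entry = self.tickets.setdefault(t["ticket_id"], {
            "n": t["n"], "left": t["n"], "chain": bytes.fromhex(t["chain"])})
        if entry["left"] == 0:
            return None
        entry["left"] -= 1  # as in the text, a use is consumed when challenged
        entry["k"] = entry["n"] - entry["left"]
        return t["ticket_id"], entry["k"]

    def verify(self, ticket_id: str, response: bytes) -> bool:
        """Apply H k times to the response and compare with the ticket's value."""
        entry = self.tickets[ticket_id]
        return hmac.compare_digest(H(response, entry["k"]), entry["chain"])


def run_session(client_pw: bytes, server_pw: bytes, n: int = 3):
    """Constructed end-to-end run; returns one verification result per use."""
    key = secrets.token_bytes(32)
    auth = AuthServer(server_pw, key, "auth-1")
    approval = ApprovalServer(key, "svc-1", "auth-1")
    client = Client(client_pw)
    body, tag = auth.issue_ticket(
        client.attestation_response(auth.challenge()), n, "svc-1", now=1000)
    results = []
    for _ in range(n):
        ticket_id, k = approval.challenge(body, tag, now=1100)
        results.append(approval.verify(ticket_id, client.approval_response(n, k)))
    exhausted = approval.challenge(body, tag, now=1100) is None
    return results, exhausted
```

In this sketch a client holding the wrong password still receives a ticket, but every Response404 it produces fails the comparison, because the server recovers a different S0. A response captured for use count k also fails when replayed at k+1, since applying H one extra time overshoots the value bound into the ticket.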
[0124](A 6th embodiment) In the authentication system of the 6th embodiment, an
authentication ticket in which the use count has been updated is sent to the client
means together with the notice of approval from the approval server.

[0125] Drawing 14 is a protocol sequence diagram showing the protocol of this
authentication system. In drawing 14, the client means 51 and the approval server
means 53 differ from drawing 4, and the authentication server means 32 is unchanged.
It differs in that the updated authentication ticket Ticket501 is sent to the client
means 51 together with notice of approval Result308 from the approval server 53.
[0126]This authentication ticket Ticket501 differs from the authentication ticket 305
in the following points.

[0127]That is, the (n+1)-stage hash operation result in the authentication ticket 305
is replaced with the (n-k+1)-stage hash operation result (k is the use count). The
number n of effective uses in the authentication ticket 305 is replaced with the
number n-k of remaining uses. Time stamp TS0 is replaced with the new time stamp TSk.
The publisher identifier IID is replaced with the server identifier of the approval
server 53 itself. A new attestation child is added.
[0128]By this method, the client means 51 can obtain use approval up to n times using
the authentication ticket 304 or the updated authentication ticket 501 without
revealing the password PW to a third party, including the approval server means 53.
Since the time stamp of the authentication ticket is updated each time, the term of
validity can be set shorter. Therefore, the period during which the ticket can become
a target of attack by an unauthorized third party becomes short, and safety is
higher. Since the approval server means 53 may need only one hash operation, the
response time in a use approval procedure can be shortened.
[0129] The composition of an authentication system with such a protocol sequence is
explained referring to drawing 15.

[0130] In drawing 15, the client means 51 and the approval server means 53 differ from
drawing 5, and the authentication server means 32 is unchanged. The client means 51
differs from the client means 31 of drawing 5 in that it has the ticket holding
mechanism 511, which can also hold the authentication ticket data 5101 of
authentication ticket Ticket501 from the approval server means 53. The approval server
means 53 differs from the approval server means 33 of drawing 5 in the following
points: the ticket use management tool 531 also outputs the remaining number of times
of available; the 3rd hash means 532, which performs 1 step of hash operation H, is
formed instead of the 3rd multi stage hash means 336; the 2nd attestation child
addition means 533, which generates and adds the attestation child to an
authentication ticket, is newly established; and a part of the connection is changed.

[0131] As this ticket holding mechanism 511, the same composition as the ticket
holding mechanism 314 can be used with connections added. As the ticket use
management tool 531, the same composition as the ticket use management tool 335 can
be used with connections added. As the 3rd hash means 532, an arithmetic circuit which
incorporates the algorithm of hash operation H, for example, can be used. As the 2nd
attestation child addition means 533, the same composition as the attestation child
addition means 328 can be used. Each above-mentioned means may be realized using a
computer program on a microcomputer or a general purpose computer. Alternatively, the
computer program may be recorded on a program recording medium in a readable form,
and the means may be realized in combination with a program-recording-medium reader.
[0132] The operation of the authentication system constituted as mentioned above is
explained referring to drawing 16. Here, the case where authentication demand
Authenticate Request301 is accompanied by the number of times n of authentication
ticket effective is explained.

[0133] First, the operation in the client means 51 and the authentication server means
32 is the same as that of the case of drawing 5 and drawing 6; a user authentication
procedure is performed and, eventually, authentication ticket Ticket304 is sent to the
client means 51 from the authentication server means 32.

[0134] On the other hand, in the client means 51, the 1st transmission and reception
means 311 operates like the case of drawing 5 and drawing 6, and the ticket holding
mechanism 511 operates like the ticket holding mechanism 314 in the case of drawing 5
and drawing 6. While authentication ticket Ticket305 is sent to the approval server
means 53 with the approval demand Authorize Request, the number of times 3112 of
effective is taken out from the authentication ticket data, and it is sent to the multi
stage hash means 317.

[0135] On the other hand, in the approval server means 53, the 3rd transmission and
reception means 331, the approval time check means 332, the attestation child
verifying means 333, and the ticket effective judging means 334 operate like the case
of drawing 5 and drawing 6, and the ticket identifier 3305, the multi stage hash value
3306, the number of times 3307 of effective, the publisher identifier 3308, and the
ticket effective notice 3310 are supplied to the ticket use management tool 531. The
ticket use management tool 531 operates almost like the ticket use management tool
335 in the case of drawing 5 and drawing 6: the using frequency 5301 is sent to the
client means 51 as approval challenge Challenge306 via the 3rd transmission and
reception means 331, and the multi stage hash value 3306 is sent as it is to the
approval collation means 337 as the multi stage hash value 5302. Furthermore, the
group 5303 of a ticket identifier, the remaining number of times of available, and a
server identifier is output and sent to the 2nd attestation child addition means 533.

[0136] The operation of the client means 51 for this is the same as that of the case of
drawing 5 and drawing 6, and approval challenge answer Response307 is returned in
reply to approval challenge Challenge306.

[0137] On the other hand, in the approval server means 53, approval challenge answer
Response307 is received by the 3rd transmission and reception means 331, the multi
stage hash value 5304 is taken out, and it is sent to the 3rd hash means 532 and the
2nd attestation child addition means 533. The 3rd hash means 532 performs hash
operation H on the multi stage hash value 5304, and sends the secondary multi stage
hash value 5305, whose number of stages of hash increased by one, to the approval
collation means 337 (ST5301). The approval collation means 337 performs the
coincidence decision of the multi stage hash value 5302 and the secondary multi
stage hash value 5305 (ST5302, ST3316), and sends the collated result 5307 to the 2nd
attestation child addition means 533.

[0138] The approval time check means 322 clocks the current time and supplies the time
stamp 5306 based on the current time to the 2nd attestation child addition means 533.
The 2nd attestation child addition means 533 connects the group 5303 of a ticket
identifier, the remaining number of times of available, and a server identifier, the
multi stage hash value 5304, the time stamp 5306, and the publisher identifier which
shows the approval server 53 itself; generates and adds an attestation child; takes the
result as the authentication ticket data 5308 (ST5303); and sends it to the client
means 51 with the notice of approval Result308 as authentication ticket Ticket501 via
the 3rd transmission and reception means 331 (ST5304).

[0139] On the other hand, in the client means 51, authentication ticket Ticket501 is
received by the 1st transmission and reception means 311, sent to said ticket holding
mechanism 511 as the authentication ticket data 5101, held (ST5101, ST5102), and used
in the next use approval procedure.
[0140] Since the number of stages of the multi stage hash value accompanying the
authentication ticket 305 sent from the client means 51 to the approval server means
53 thereby decreases by 1 for every use approval, the approval server means 53 only
has to perform one step of hash operation, and the response time can be shortened.
Since the time stamp is updated, the term of validity can be set as short as just
covers the interval of access, for example 1 hour, and safety can be improved without
lowering user convenience. By this method, the client means 31 can obtain use approval
up to n times in a shorter response time using the authentication ticket 305 of higher
safety, without revealing the password PW to a third party, including the approval
server means 53.

[0141] Although the above explanation used a composition which calculates a multi stage
hash value in the client means 51 at every use approval procedure, a composition may
also be used which precomputes the multi stage hash values of all numbers of stages at
the time of acquisition of an authentication ticket and stores them in the secret
memory measure 316. In that case, although a larger-capacity tamper-proof memory
device needs to be used as the secret memory measure 316, the processing time for
every use approval procedure can be shortened further.
[0142] Thus, in the authentication system of this embodiment, the possibility of
unauthorized use by a third party can be made smaller, and the response time of use
approval can be shortened.
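
The use approval and ticket update of the 6th embodiment, as an added example that is not part of the patent text. SHA-256 as hash operation H, an HMAC under a server-side key as the attestation child, the per-ticket record standing in for the ticket use management tool 531, and all identifiers and values are assumptions made for illustration.

```python
import hashlib
import hmac
from dataclasses import dataclass, replace
from typing import Dict, Optional


def H(data: bytes, steps: int = 1) -> bytes:
    """Hash operation H applied `steps` times (SHA-256 is an assumption)."""
    for _ in range(steps):
        data = hashlib.sha256(data).digest()
    return data


@dataclass(frozen=True)
class Ticket:
    tid: str             # ticket identifier TID
    chain_value: bytes   # H^(remaining+1)(PW || R0)
    remaining: int       # n at issue, n-k after k approvals
    timestamp: int       # TS0 at issue, TSk after an update (seconds)
    issuer: str          # publisher identifier IID, later the approval server
    tag: bytes = b""     # attestation child


def seal(key: bytes, t: Ticket) -> Ticket:
    """Add the attestation child (assumed: HMAC-SHA256 under a server-side key)."""
    fields = [t.tid, t.chain_value.hex(), str(t.remaining), str(t.timestamp), t.issuer]
    mac = hmac.new(key, "|".join(fields).encode(), hashlib.sha256).digest()
    return replace(t, tag=mac)


def issue_ticket(key: bytes, tid: str, secret: bytes, n: int, now: int) -> Ticket:
    """Authentication server: ticket holding the (n+1)-step hash of PW || R0."""
    return seal(key, Ticket(tid, H(secret, n + 1), n, now, "auth-server-32"))


def client_response(secret: bytes, ticket: Ticket) -> bytes:
    """Client: the value one hash step below the one stored in the ticket."""
    if ticket.remaining < 1:
        raise ValueError("ticket exhausted; never send H^0, the secret itself")
    return H(secret, ticket.remaining)


class ApprovalServer:
    def __init__(self, sid: str, key: bytes, validity_s: int):
        self.sid, self.key, self.validity_s = sid, key, validity_s
        self.latest: Dict[str, int] = {}  # TID -> remaining count of newest ticket

    def approve(self, ticket: Ticket, response: bytes, now: int) -> Optional[Ticket]:
        """Return the updated ticket on approval, None on refusal."""
        if not hmac.compare_digest(seal(self.key, ticket).tag, ticket.tag):
            return None                      # attestation child does not verify
        if not 0 <= now - ticket.timestamp <= self.validity_s:
            return None                      # outside the term of validity
        if ticket.remaining < 1:
            return None                      # no uses left
        if self.latest.get(ticket.tid, ticket.remaining) != ticket.remaining:
            return None                      # superseded ticket presented again
        if not hmac.compare_digest(H(response), ticket.chain_value):
            return None                      # one hash step must reproduce it
        self.latest[ticket.tid] = ticket.remaining - 1
        updated = Ticket(ticket.tid, response, ticket.remaining - 1, now, self.sid)
        return seal(self.key, updated)


def run_session(n: int = 3):
    """Use a constructed ticket n times, then replay the first exchange."""
    key, secret = b"constructed-server-key", b"PW-constructed" + b"R0-constructed"
    server = ApprovalServer("approval-server-53", key, validity_s=3600)
    first = ticket = issue_ticket(key, "TID-0001", secret, n, now=0)
    first_response = client_response(secret, first)
    remaining_seen = []
    for step in range(1, n + 1):
        ticket = server.approve(ticket, client_response(secret, ticket), now=step * 60)
        remaining_seen.append(ticket.remaining)
    replay = server.approve(first, first_response, now=(n + 1) * 60)
    return remaining_seen, replay


if __name__ == "__main__":
    print(run_session())
```

Each approval costs the server one hash step, and the refreshed time stamp is what allows the short term of validity described above.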

[0143] (A 7th embodiment) In the authentication system of a 7th embodiment, an
authentication ticket can be used in common for two or more approval servers.
[0144] Drawing 17 is a protocol sequence diagram showing the protocol of this
authentication system. In drawing 17, the client means 61, the authentication server
means 62, and the approval server means 63 differ from drawing 4, and the
authentication ticket management tool 64 is further added. The following points
differ: the authentication server means 62 which received attestation challenge answer
Response303 sends authentication ticket shelf registration directions Registration601,
accompanied by the ticket identifier TID, the server identifier SID taken out from
authentication demand Authenticate Request301, and the number of times n of effective,
to the authentication ticket management tool 64; approval demand Authorize Request602
is accompanied by the using frequency k; the approval server means 63 which received
approval demand Authorize Request602 and authentication ticket Ticket305 sends
authentication ticket history update indication Update603, accompanied by the ticket
identifier TID and the server identifier SID taken out from approval demand Authorize
Request602 and the authentication ticket 305, and by the using frequency k, to the
authentication ticket management tool 64; authentication ticket rejected note Reject606
is returned in reply to this if needed; approval challenge Challenge604 is accompanied
by the random number Rk, generated so that it differs each time, instead of being the
using frequency k; and approval challenge answer Response605 is accompanied by the
result of an EXCLUSIVE OR operation with Rk on the result of n-k+1 steps of hash
operation H on the connection of the password PW and the random number R0.

[0145] By this method, the client means 61 can obtain use approval up to n times using
the authentication ticket 304 without revealing the password PW to a third party,
including the approval server means 63. Because the using frequency k is sent from the
client means 61 and is checked by the authentication ticket management tool 64, which
is independent of the approval server means 63, the authentication ticket 304 can be
made available in common to two or more approval server means 63.
[0146] The composition of an authentication system with this protocol sequence is
explained referring to drawing 18. Also in drawing 18, the client means 61, the
authentication server means 62, and the approval server means 63 differ from drawing
5, and the authentication ticket management tool 64 is further added. The client means
61 differs from the client means 31 of drawing 5 in that the ticket maintenance
management tool 611, which manages the using frequency k while holding an
authentication ticket, is established instead of the ticket holding mechanism 314; the
1st exclusive OR means 612, which performs an EXCLUSIVE OR operation for every bit, is
established; and a part of the connection is changed. The authentication server means
62 differs from the authentication server means 32 of drawing 5 in that a ticket
registration instruction means 621, which generates authentication ticket shelf
registration indicative data, is formed, and a part of the connection is changed.

[0147] The approval server means 63 differs from the approval server means 33 of
drawing 5 in that the ticket update indication means 631, which receives the ticket
identifier of an authentication ticket, the number of times of effective, and the
remaining number of times of available, supplies them to each part, and generates
authentication ticket history update indication data, is established instead of the
ticket use management tool 335; the 2nd random number generating means 632, which
generates a random number for every use approval processing, and the 2nd exclusive OR
means 633, which performs an EXCLUSIVE OR operation for every bit, are established;
and a part of the connection is changed.

[0148] As this ticket maintenance management tool 611, an adder circuit which
calculates the using frequency is added to the same composition as the ticket holding
mechanism 335. As the 1st and 2nd exclusive OR means 612 and 633, a logic circuit can
be used, for example. As the ticket registration instruction means 621, a logic circuit
can be used, for example. As the ticket update indication means 631, a logic circuit
can be used, for example. As the 2nd random number generating means 632, the same
composition as the random number generating means 324 can be used. The authentication
ticket management tool 64 can be constituted by a combination of various
communication-interface devices, a logic circuit which performs division and
combination of data, an arithmetic circuit and comparison circuit which compare using
frequency, and a mass memory device. Each above-mentioned means may be realized using
a computer program on a microcomputer or a general purpose computer. Alternatively,
the computer program may be recorded on a program recording medium in a readable form,
and the means may be realized in combination with a program-recording-medium reader.

[0149] The operation of the authentication system constituted as mentioned above is
explained referring to drawing 19. Here, the case where authentication demand
Authenticate Request301 is accompanied by the number of times n of authentication
ticket effective is explained.

[0150] First, the operation in the client means 61 and the authentication server means
62 in a user authentication procedure is almost the same as that of the case of
drawing 5 and drawing 6, and authentication ticket Ticket304 is eventually sent to the
client means 61 from the authentication server means 62. However, in the client means
61, the ticket maintenance management tool 611 operates in place of the ticket holding
mechanism 314 at this time. In the authentication server means 62, the number of
times 6201 of effective taken out from authentication demand Authenticate Request301
is sent to the multi stage hash means 325 and the ticket registration instruction
means 621 as well as to the attestation child addition means 328; the server
identifier 6202 is sent to the ticket registration instruction means 621 as well as to
the attestation child addition means 328; and the ticket identifier 6203 generated by
the ticket identifier creating means 327 is sent to the ticket registration
instruction means 621 as well as to the attestation child addition means 328.
[0151] The ticket registration instruction means 621 connects the ticket identifier
6203, the server identifier 6202, and the number of times 6201 of effective, generates
the authentication ticket shelf registration indicative data 6204, and sends it to the
authentication ticket management tool 64 as authentication ticket shelf registration
directions Registration601 via the 2nd transmission and reception means 321
(ST6201). The authentication ticket management tool 64 which received this manages a
ticket list; when authentication ticket shelf registration directions Registration601
is given, it searches the ticket list using the ticket identifier and investigates
whether the ticket is already registered. If there is no applicable entry, the group
of the ticket identifier, the number of times of effective, and the number of times of
effective as the value which shows the remaining number of times of available is added
to the ticket list and stored.
[0152] On the other hand, in the client means 61, authentication ticket Ticket304 is
received by the 1st transmission and reception means 311, the authentication ticket
data 3110 is taken out, and it is sent to the ticket maintenance management tool 611.
The ticket maintenance management tool 611 holds the authentication ticket data 3110
in association with the server identifier 3101, and simultaneously manages the number
of times of effective taken out from the authentication ticket data as the remaining
number of times of available (ST6101). When the use approval procedure starting
information 6101 is given, it sends to the approval server means 63, via the 1st
transmission and reception means 311, the authentication ticket data 3111 as
authentication ticket Ticket305 and, as approval demand Authorize Request602, the
using frequency 6102, which is obtained by reducing the remaining number of times of
available by one (ST6102) and then subtracting it from the number of times of
effective taken out from the authentication ticket (ST6103); the number of times 3112
of effective taken out from the authentication ticket data is further sent to the
multi stage hash means 317.

[0153] On the other hand, in the approval server means 63, authentication ticket
Ticket305 and approval demand Authorize Request602 are received by the 3rd
transmission and reception means 331; the authentication ticket data 3301 is taken
out and sent to the attestation child verifying means 333, and the using frequency
6301 is taken out and sent to the ticket update indication means 631 (ST6301). The
approval time check means 332, the attestation child verifying means 333, and the
ticket effective judging means 334 operate almost like the case of drawing 5 and
drawing 6. However, the server identifier 6302 is sent to the ticket update indication
means 631 as well as to the ticket effective judging means 334, and the effective
notice 6303 is sent to the ticket update indication means 631 and the 2nd random
number generating means 632. If the effective notice 6303 is given, the ticket update
indication means 631 connects the ticket identifier 3305, the server identifier 6302,
and the using frequency 6301, generates the authentication ticket history update
indication data 6304, sends it to the authentication ticket management tool 64 as
authentication ticket history update indication Update603 via the 3rd transmission
and reception means 331 (ST6302), and sends the using frequency 6301 as it is to the
3rd multi stage hash means 336 as the using frequency 6306. When authentication ticket
history update indication Update603 is given, the authentication ticket management
tool 64 searches the ticket list using the ticket identifier and confirms that the
value which shows the corresponding number of times of effective is in agreement with
the sum total of the corresponding value which shows the remaining number of times of
available and the using frequency which accompanies authentication ticket history
update indication Update603. If right, the value in the ticket list which shows the
remaining number of times of available is reduced by one, and if not right,
authentication ticket rejected note Reject606 is returned. The authentication ticket
rejected note 606 is sent to said ticket update indication means 631 as the
authentication ticket rejected note data 6305 via the 3rd transmission and reception
means 331 in the approval server means 63. The ticket update indication means 631
sends the multi stage hash value 3306 as it is to the approval collation means 337 as
the multi stage hash value 3312, but if the authentication ticket rejected note data
6305 is given, it withholds this. If the effective notice 6303 is given, the 2nd
random number generating means 632 newly generates the challenge random number 6307
for data disturbance at random, sends it to the 2nd exclusive OR means 633, and also
sends it to the client means 61 as approval challenge Challenge604 via the 3rd
transmission and reception means 331 (ST6303).

[0154] On the other hand, in the client means 61, approval challenge Challenge604 is
received by the 1st transmission and reception means 311, the challenge random number
6103 is taken out, and it is sent to the 1st exclusive OR means 612 (ST6104). When
the use approval procedure starting information 6101 is given, the multi stage hash
means 317 obtains the hash value 3113 from said secret memory measure 316, performs on
the hash value 3113 hash operation H of the number of stages equivalent to the
difference of the number of times 3112 of effective and the using frequency 6102, and
sends the resulting multi stage hash value 6104 to the 1st exclusive OR means 612.
When the use approval procedure starting information 6101 is given, the 1st exclusive
OR means 612 performs an EXCLUSIVE OR operation for every bit between the multi stage
hash value 6104 and the challenge random number 6103, generates the disturbance multi
stage hash value 6105, and sends it to the approval server means 63 as approval
challenge answer Response605 via the 1st transmission and reception means 311
(ST6105, ST6106). As long as hash operation H has sufficiently safe one-wayness,
result length, and randomness, a third party who does not know the password PW, the
random number R0, and the challenge random number cannot calculate this disturbance
multi stage hash value 6105; this disturbance multi stage hash value 6105 therefore
shows that the sender is a valid user who knows the password PW. Since the number of
stages of hash operation H in a multi stage hash value is larger the further back in
the past it was used, and the following multi stage hash value cannot be calculated
from this multi stage hash value 6104, there is also no necessity for encryption.
Generally, hash operation is said to be 100 or more times faster than an encryption
operation, and with a suitable number of stages it can be processed at higher speed
than the case where encryption is used.

[0155] On the other hand, in the approval server means 63, approval challenge answer
Response605 is received by the 3rd transmission and reception means 331, the
disturbance multi stage hash value 6308 is taken out, and it is sent to the 2nd
exclusive OR means 633 (ST6304). The 2nd exclusive OR means 633 performs an EXCLUSIVE
OR operation for every bit between the challenge random number 6307 and the
disturbance multi stage hash value 6308, obtains the multi stage hash value 6309, and
sends it to the 3rd multi stage hash means 336 (ST6305). The 3rd multi stage hash
means 336 performs on the multi stage hash value 6309 hash operation of the number of
stages equivalent to the using frequency 6306, and sends the resulting secondary multi
stage hash value 3314 to the approval collation means 337. The approval collation
means 337 operates like the case of drawing 5 and drawing 6, and sends the notice data
3315 of approval to the client means 61 as the notice of approval Result308 via the
3rd transmission and reception means 331, where it is received in the client means 61.
However, this does not apply when supply of the multi stage hash value 3312 is
withheld owing to reception of authentication ticket rejected note Reject606
(ST6306, ST6307). By this method, the client means 61 can obtain use approval from two
or more approval server means up to n times using the authentication ticket 305,
without revealing the password PW to a third party, including the approval server
means 63.
[0156] Although the above explanation used a composition which calculates a multi stage
hash value in the client means 61 at every use approval procedure, a composition may
also be used which precomputes the multi stage hash values of all numbers of stages at
the time of acquisition of an authentication ticket and stores them in the secret
memory measure 316. In that case, although a larger-capacity tamper-proof memory
device needs to be used as the secret memory measure 316, the processing time for
every use approval procedure can be shortened further.
[0157] Thus, this embodiment can constitute a single sign-on type authentication system
with high convenience, which can use an authentication ticket in common for two or
more approval servers under a method in which the authentication ticket is not
updated.
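
The masked challenge and answer of the 7th embodiment with the shared ticket list, as an added example that is not part of the patent text. SHA-256 as hash operation H, the class and method names, and the sample values are assumptions; the attestation-child check on the ticket is left out, and the ticket list accepts a use k when n equals k plus the count left after that use, which is an assumed reading of the check described in [0153].

```python
import hashlib
import hmac
import secrets
from typing import Dict, List, Optional, Tuple


def H(data: bytes, steps: int = 1) -> bytes:
    """Hash operation H applied `steps` times (SHA-256 is an assumption)."""
    for _ in range(steps):
        data = hashlib.sha256(data).digest()
    return data


def xor(a: bytes, b: bytes) -> bytes:
    """EXCLUSIVE OR for every bit of two equal-length values."""
    if len(a) != len(b):
        raise ValueError("length mismatch")
    return bytes(x ^ y for x, y in zip(a, b))


class TicketManager:
    """Authentication ticket management tool 64: one ticket list for all servers."""

    def __init__(self) -> None:
        self.ticket_list: Dict[str, List[int]] = {}    # TID -> [n, remaining]

    def register(self, tid: str, n: int) -> bool:       # Registration601
        if tid in self.ticket_list:
            return False                                # already registered
        self.ticket_list[tid] = [n, n]
        return True

    def update(self, tid: str, k: int) -> bool:         # Update603; False = Reject606
        entry = self.ticket_list.get(tid)
        if entry is None or entry[1] < 1:
            return False
        n, remaining = entry
        # Assumed reading: n must equal k plus the count left after this use.
        if n != (remaining - 1) + k:
            return False
        entry[1] = remaining - 1
        return True


class Client:
    def __init__(self, secret: bytes, n: int) -> None:
        self.secret, self.n, self.remaining = secret, n, n

    def next_use(self) -> int:
        """Reduce the remaining count by one and derive the using frequency k."""
        if self.remaining < 1:
            raise ValueError("ticket exhausted")
        self.remaining -= 1
        return self.n - self.remaining

    def respond(self, k: int, rk: bytes) -> bytes:      # Response605
        return xor(H(self.secret, self.n - k + 1), rk)


class ApprovalServer:
    def __init__(self, sid: str, manager: TicketManager) -> None:
        self.sid, self.manager = sid, manager
        self.pending: Dict[Tuple[str, int], bytes] = {}

    def challenge(self, tid: str, k: int) -> Optional[bytes]:   # Challenge604
        if not self.manager.update(tid, k):
            return None                                 # Reject606 received
        rk = secrets.token_bytes(32)                    # fresh Rk for every use
        self.pending[(tid, k)] = rk
        return rk

    def verify(self, tid: str, k: int, ticket_value: bytes, response: bytes) -> bool:
        rk = self.pending.pop((tid, k), None)
        if rk is None:
            return False                                # no challenge outstanding
        return hmac.compare_digest(H(xor(response, rk), k), ticket_value)


def run_exchange() -> Dict[str, bool]:
    """Constructed ticket with n = 3 used at two approval servers."""
    secret, n, tid = b"PW-constructed" + b"R0-constructed", 3, "TID-0007"
    ticket_value = H(secret, n + 1)                     # value carried in the ticket
    manager = TicketManager()
    manager.register(tid, n)
    a, b = ApprovalServer("SID-A", manager), ApprovalServer("SID-B", manager)
    client, out = Client(secret, n), {}

    k = client.next_use()                               # k = 1 at server A
    rk = a.challenge(tid, k)
    out["use1_at_A"] = a.verify(tid, k, ticket_value, client.respond(k, rk))
    out["k1_again_at_B_rejected"] = b.challenge(tid, 1) is None

    k = client.next_use()                               # k = 2 at server B
    rk = b.challenge(tid, k)
    out["use2_at_B"] = b.verify(tid, k, ticket_value, client.respond(k, rk))
    return out


if __name__ == "__main__":
    print(run_exchange())
```

Rk travels in the clear, so the mask hides nothing from an observer who sees both messages; the exchange rests on the one-wayness of H and on the ticket list refusing a using frequency it has already counted.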

[0158] (An 8th embodiment) The authentication system of an 8th embodiment can
carry out decentralized administration of the use of an authentication ticket.
[0159] Drawing 20 is a protocol sequence diagram showing the protocol of this
authentication system. In drawing 20, the client means 71, the authentication server
means 72, and the approval server means 73 differ from drawing 14, and the 2nd
approval server means 74 is further added. The following points differ: approval
demand Authorize Request701 is accompanied by the using frequency k; the approval
server means 73 which received approval demand Authorize Request701 and authentication
ticket Ticket305 sends authentication ticket history reference Inquiry702, accompanied
by the ticket identifier TID and the server identifier SID taken out from approval
demand Authorize Request701 and the authentication ticket 305, and by the using
frequency k, to the authentication server means 72 or the 2nd approval server means
74; authentication ticket rejected note Reject705 is returned in reply to this if
needed; approval challenge Challenge703 is accompanied by the random number Rk,
generated so that it differs each time, instead of being the using frequency k; and
approval challenge answer Response704 is accompanied by the result of an EXCLUSIVE OR
operation with Rk on the result of n-k+1 steps of hash operation H on the connection
of the password PW and the random number R0.

[0160] By this method, the client means 71 can obtain use approval up to n times using
the authentication ticket 304 or the updated authentication ticket 501 without
revealing the password PW to a third party, including the approval server means 73 and
the 2nd approval server means 74. Because the using frequency k is sent from the
client means 71 via the approval server means 73 to, and checked by, the
authentication server means 72 which published the authentication ticket or the 2nd
approval server means 74 which updated it, the authentication ticket 304 can be made
available in common to two or more approval server means 73 and 74, and the traffic of
check processing can be decentralized.

[0161] The composition of an authentication system with such a protocol sequence is
explained referring to drawing 21. Also in drawing 21, the client means 71, the
authentication server means 72, and the approval server means 73 differ from drawing
15, and the 2nd approval server means 74 is further added. The client means 71 differs
from the client means 51 of drawing 15 in that the ticket maintenance management tool
711, which manages the using frequency k while holding an authentication ticket, is
established instead of the ticket holding mechanism 511; the 1st exclusive OR means
712, which performs an EXCLUSIVE OR operation for every bit, is established; and a
part of the connection is changed. The authentication server means 72 differs from the
authentication server means 32 of drawing 15 in that the ticket issue management tool
721, which manages issue of an authentication ticket and answers references, is
established, and a part of the connection is changed. The approval server means 73
differs from the approval server means 53 of drawing 15 in that the renewal management
tool 731 of a ticket, which receives the ticket identifier of an authentication
ticket, the number of times of effective, and the remaining number of times of
available, supplies them to each part, manages renewal of an authentication ticket,
and answers references, is established instead of the ticket use management tool 531;
the 2nd random number generating means 732, which generates a random number for every
use approval processing, and the 2nd exclusive OR means 733, which performs an
EXCLUSIVE OR operation for every bit, are established; and a part of the connection is
changed. The 2nd approval server means 74 has the same composition as the approval
server means 73.

[0162] As the ticket maintenance management tool 711, the same composition as the
ticket holding mechanism 511 with an adder circuit which calculates the using
frequency added can be used. As the 1st and 2nd exclusive OR means 712 and 733, a
logic circuit can be used, for example. The ticket issue management tool 721 can be
constituted by, for example, a combination of a logic circuit which performs division
and combination of data, an arithmetic circuit and comparison circuit which compare
using frequency, and a mass memory device. The renewal management tool 731 of a ticket
can be constituted by, for example, a combination of a logic circuit which performs
division and combination of data, an arithmetic circuit and comparison circuit which
compare using frequency, and a mass memory device. As the 2nd random number generating
means 732, the same composition as the random number generating means 324 can be
used. Each above-mentioned means may be realized using a computer program on a
microcomputer or a general purpose computer. Alternatively, the computer program may
be recorded on a program recording medium in a readable form, and the means may be
realized in combination with a program-recording-medium reader.
[0163] The operation of the authentication system constituted as mentioned above is
explained referring to drawing 22. Here, the case where authentication demand
Authenticate Request301 is accompanied by the number of times n of authentication
ticket effective is explained.

[0164] First, the operation in the client means 71 and the authentication server means
72 in a user authentication procedure is almost the same as that of the case of
drawing 15 and drawing 16, and authentication ticket Ticket304 is eventually sent to
the client means 71 from the authentication server means 72. However, in the client
means 71, the ticket maintenance management tool 711 operates in place of the ticket
holding mechanism 511 at this time. In the authentication server means 72, the number
of times 7201 of effective taken out from authentication demand Authenticate
Request301 is sent to the ticket issue management tool 721 as well as to the multi
stage hash means 325 and the attestation child addition means 328; the server
identifier 7202 is sent to the ticket issue management tool 721 as well as to the
attestation child addition means 328; and the ticket identifier 7203 generated by the
ticket identifier creating means 327 is sent to the ticket issue management tool 721
as well as to the attestation child addition means 328. The ticket issue management
tool 721 manages the published ticket list, and adds to the ticket list and stores the
group of the ticket identifier 7203, the server identifier 7202, the number of times
7201 of effective, and the number of times 7201 of effective as the value which shows
the remaining number of times of available (ST7201).
[0165] On the other hand, in the client means 71, authentication ticket Ticket304 is
received by the 1st transmission and reception means 311, the authentication ticket
data 3110 is taken out, and it is sent to said ticket maintenance management tool 711.
Said ticket maintenance management tool 711 holds the authentication ticket data 3110
in association with the server identifier 3101, and simultaneously manages the number
of times of effective taken out from the authentication ticket data as the remaining
number of times of available (ST7101). When the use approval procedure starting
information 7101 is given, it sends to the approval server means 73, via the 1st
transmission and reception means 311, the authentication ticket data 3111 as
authentication ticket Ticket305 and, as approval demand Authorize Request701, the
using frequency 7102, which is obtained by reducing the remaining number of times of
available by one (ST7102) and then subtracting it from the number of times of
effective taken out from the authentication ticket (ST7103); the number of times 3112
of effective taken out from the authentication ticket data is further sent to the
multi stage hash means 317.
[0166] On the other hand, in the approval server means 73, authentication ticket Ticket305 and approval demand Authorize Request701 are received by the 3rd transmission and reception means 331. The authentication ticket data 3301 is taken out and sent to the attestation child verifying means 333, and the using frequency 7301 is taken out and sent to the renewal management tool 731 of a ticket (ST7301).
[0167] The approval time check means 332, the attestation child verifying means 333, and the ticket effective judging means 334 operate almost as in the case of drawing 15 and drawing 16. However, the server identifier 7302 is sent to the renewal management tool 731 of a ticket in addition to the ticket effective judging means 334, and the effective notice 7303 is sent to the renewal management tool 731 of a ticket and the 2nd random number generating means 732. The renewal management tool 731 of a ticket manages the published ticket list. When the effective notice 7303 is given, it connects the ticket identifier 3305, the server identifier 7302, and the using frequency 7301 to obtain the authentication ticket history inquiry data 7304, and sends this as authentication ticket history reference Inquiry702, via the 3rd transmission and reception means 331, to the authentication server means 72 or the 2nd approval server means 74 which the publisher identifier 3308 shows. At the same time it adds to the ticket list, and memorizes, the group of the ticket identifier 3305, the server identifier 7302, the number of times of effective 7301, and the number of times of effective 7301 again as the value showing the remaining number of times of available (ST7302).

[0168] In the authentication server means 72 which received this, authentication ticket history reference Inquiry702 is received by the 2nd transmission and reception means 321 and sent to said ticket issue management tool 721 as the authentication ticket history inquiry data 7205 containing a ticket identifier, a server identifier, and a using frequency. Said ticket issue management tool 721 investigates whether the using frequency taken out from the authentication ticket history inquiry data 7205 agrees with the value obtained by adding one to the difference between the number of times of effective and the remaining number of times of available which it manages itself, and if they do not agree, it returns the authentication ticket rejected note data 7204 as authentication ticket rejected note Reject705 via the 2nd transmission and reception means 321. When the 2nd approval server means 74 receives this, its renewal management tool of a ticket performs the same role as said ticket issue management tool 721.

[0169] In the approval server means 73, the authentication ticket rejected note 705 is sent to said renewal management tool 731 of a ticket as the authentication ticket rejected note data 7305 via the 3rd transmission and reception means 331. Said renewal management tool 731 of a ticket sends the multi stage hash value 3306 as it is to the approval collation means 337 as the multi stage hash value 5302, and sends the group 5303 of a ticket identifier, the remaining number of times of available, and a server identifier to the 2nd attestation child addition means 533; however, these are withheld if the authentication ticket rejected note data 7305 is given. When the effective notice 7303 is given, the 2nd random number generating means 732 newly generates at random the challenge random number 7306 for data disturbance, sends it to the 2nd exclusive OR means 733, and also sends it to the client means 71 as approval challenge Challenge703 via the 3rd transmission and reception means 331 (ST7303).

[0170] On the other hand, in the client means 71, approval challenge Challenge703 is received by the 1st transmission and reception means 311, and the challenge random number 7103 is taken out and sent to the 1st exclusive OR means 712 (ST7104). When the use approval procedure starting information 7101 is given, the multi stage hash means 317 obtains the hash value 3113 from said secret memory measure 316, performs hash operation H on the hash value 3113 for the number of stages equal to the difference between the number of times of effective 3112 and the using frequency 7102, and sends the resulting multi stage hash value 7104 to the 1st exclusive OR means 712. When the use approval procedure starting information 7101 is given, the 1st exclusive OR means 712 performs the EXCLUSIVE OR operation for every bit between the multi stage hash value 7104 and the challenge random number 7103, generates the disturbance multi stage hash value 7105, and sends it to the approval server means 73 as approval challenge answer Response704 via the 1st transmission and reception means 311 (ST7105, ST7106). As long as hash operation H has a one-way property, a sufficiently safe length of result, and random nature, a third party who does not know the password PW, the random number RO, and the challenge random number cannot calculate this disturbance multi stage hash value 7105; the disturbance multi stage hash value 7105 therefore shows that the sender is a valid user who knows the password PW. Since the number of stages of hash operation H in a multi stage hash value is larger the further back in the past the value was used, the following multi stage hash value is also incalculable from this multi stage hash value 7104, so there is no necessity for encryption either. A hash operation is generally said to be 100 or more times faster than a cipher operation, so with a suitable number of stages it can be processed faster than in the case where a cipher is used.

[0171] On the other hand, in the approval server means 73, approval challenge answer Response704 is received by the 3rd transmission and reception means 331, and the disturbance multi stage hash value 7307 is taken out and sent to the 2nd exclusive OR means 733 (ST7304). The 2nd exclusive OR means 733 performs the EXCLUSIVE OR operation for every bit between the challenge random number 7306 and the disturbance multi stage hash value 7307, obtains the multi stage hash value 7308, and sends it to the 3rd hash means 532 (ST7305). The 3rd hash means 532 performs the hash operation on the multi stage hash value 7308 and sends the resulting secondary multi stage hash value 5305 to the approval collation means 337. The approval collation means 337 and the 2nd attestation child addition means 533 operate as in the case of drawing 15 and drawing 16, and send the authentication ticket data 5308 to the client means 71 as authentication ticket Ticket501 via the 3rd transmission and reception means 331. However, this does not apply when, on reception of authentication ticket rejected note Reject705, supply of the multi stage hash value 5302 and of the group 5303 of a ticket identifier, the remaining number of times of available, and a server identifier is withheld (ST7306, ST7307).

[0172] On the other hand, in the client means 71, authentication ticket Ticket501 is received by the 1st transmission and reception means 311, sent to said ticket maintenance management tool 711 as the authentication ticket data 5101, held there (ST7107, ST7108), and used in the next use approval procedure.

[0173] As a result, since the number of stages of the disturbance multi stage hash value which accompanies the authentication ticket 305 sent from the client means 71 to the approval server means 73 decreases by one at every use approval, the approval server means 73 only has to perform one stage of hash operation, and response time can be shortened. Since the time stamp is updated, the term of validity can be set as short as will still cover the interval between accesses, for example 1 hour, and safety can be improved without reducing user convenience. By this method, the client means 71 can obtain use approval up to n times, in shorter response time, using the safer authentication ticket 305, without revealing the password PW to any third party including the approval server means 73 and 74; the authentication ticket can be used in common at two or more approval servers, and the traffic of check processing can be decentralized.

[0174] Although the above explanation has the client means 71 calculate a multi stage hash value at every use approval procedure, the multi stage hash values for all numbers of stages may instead be precomputed when the authentication ticket is acquired and memorized in the secret memory measure 316. In that case, although a larger-capacity tamper-proof memory device must be used as the secret memory measure 316, the processing time for every use approval procedure can be shortened further.

[0175] Thus, by constituting an authentication system like this embodiment, decentralized administration of the use of an authentication ticket can be carried out under the method in which an authentication ticket is updated. Therefore, the management resources needed per unit can be lessened further.
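The use approval exchange of paragraphs [0165] to [0173], written out as an added example that is not part of the patent text: the client masks the (n-k)-stage hash with the challenge, the approval server unmasks it, hashes once, compares it with the ticket's collation value and reissues the ticket, while the issuer's ticket list rejects a reused copy. SHA-256 as H, an HMAC standing in for the attestation child, the dictionary ticket layout, all class and function names, and consuming the use count at inquiry time are assumptions; the time stamp check is left out.

```python
import hashlib
import hmac
import secrets

SERVER_KEY = b"constructed-common-key"   # constructed; shared by issuer and approval servers

def H(data: bytes) -> bytes:
    """One-way hash operation H. SHA-256 is an assumption; the page names no algorithm."""
    return hashlib.sha256(data).digest()

def multi_stage_hash(value: bytes, stages: int) -> bytes:
    for _ in range(stages):              # apply H `stages` times
        value = H(value)
    return value

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def seal(ticket_id: str, n: int, remaining: int, collation: bytes) -> dict:
    """Build a ticket; an HMAC stands in for the attestation child (assumption)."""
    msg = f"{ticket_id}|{n}|{remaining}|".encode() + collation
    mac = hmac.new(SERVER_KEY, msg, hashlib.sha256).digest()
    return {"id": ticket_id, "n": n, "remaining": remaining,
            "collation": collation, "mac": mac}

def mac_ok(t: dict) -> bool:
    expected = seal(t["id"], t["n"], t["remaining"], t["collation"])["mac"]
    return hmac.compare_digest(expected, t["mac"])

class Issuer:
    """Authentication server: issues tickets and keeps the published ticket list."""
    def __init__(self):
        self.ticket_list = {}                     # ticket id -> [n, remaining]

    def issue(self, secret: bytes, n: int) -> dict:
        ticket_id = secrets.token_hex(8)
        self.ticket_list[ticket_id] = [n, n]
        return seal(ticket_id, n, n, multi_stage_hash(secret, n))

    def history_ok(self, ticket_id: str, k: int) -> bool:
        """History inquiry: k must equal (n - remaining) + 1, otherwise reject."""
        n, remaining = self.ticket_list.get(ticket_id, (0, 0))
        if remaining <= 0 or k != n - remaining + 1:
            return False
        # Assumption: the use is consumed here, so a second copy fails at once.
        self.ticket_list[ticket_id][1] = remaining - 1
        return True

class ApprovalServer:
    def __init__(self, issuer: Issuer):
        self.issuer = issuer
        self.pending = {}                         # ticket id -> (ticket, challenge)

    def begin(self, ticket: dict, k: int):
        """Check the ticket and its history; return a fresh challenge or None."""
        if not mac_ok(ticket) or not self.issuer.history_ok(ticket["id"], k):
            return None
        challenge = secrets.token_bytes(32)
        self.pending[ticket["id"]] = (ticket, challenge)
        return challenge

    def finish(self, ticket_id: str, response: bytes):
        """Unmask, hash once, compare; return the updated ticket or None."""
        ticket, challenge = self.pending.pop(ticket_id)
        presented = xor(response, challenge)
        if not hmac.compare_digest(H(presented), ticket["collation"]):
            return None
        return seal(ticket_id, ticket["n"], ticket["remaining"] - 1, presented)

class Client:
    def __init__(self, secret: bytes, ticket: dict):
        self.secret, self.ticket = secret, ticket

    def request(self):
        """Ticket plus using frequency k = n - (remaining - 1)."""
        return self.ticket, self.ticket["n"] - (self.ticket["remaining"] - 1)

    def respond(self, challenge: bytes, k: int) -> bytes:
        """Mask the (n - k)-stage hash of the secret with the challenge random number."""
        return xor(multi_stage_hash(self.secret, self.ticket["n"] - k), challenge)

def demo(n: int = 3):
    secret = H(b"constructed password || constructed random number")
    issuer = Issuer()
    servers = [ApprovalServer(issuer), ApprovalServer(issuer)]
    client = Client(secret, issuer.issue(secret, n))
    first_ticket, approvals = client.ticket, []
    for use in range(n):                          # alternate between approval servers
        ticket, k = client.request()
        challenge = servers[use % 2].begin(ticket, k)
        updated = servers[use % 2].finish(ticket["id"], client.respond(challenge, k))
        approvals.append(updated is not None)
        client.ticket = updated
    replay = servers[1].begin(first_ticket, 1)    # stale copy of the first ticket
    exhausted = servers[0].begin(*client.request())
    return approvals, replay, exhausted

if __name__ == "__main__":
    print(demo())
```

Each approval costs the server one hash and one XOR regardless of n, and the stale ticket is refused by the issuer's ticket list even though its HMAC is still valid.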
[0176]

[Effect of the Invention] As is clear from the above explanation, this invention firstly provides a single sign-on type authentication method and authentication system which need no cipher processing on the client side, can easily manage the use count of an authentication ticket, and can eliminate double use.

[0177] Secondly, a single sign-on type authentication method and authentication system are obtained which need no cipher processing on the client side in the user authentication procedure either, and which can communalize the data processing of attestation presentation information and the data processing of presentation information.

[0178] Thirdly, where collation information is generated by making into confidential information the random number for attestation which the client means generated, the collation information which an authentication ticket includes becomes unrelated to user authentication information. There is therefore not even a possibility that user authentication information will be guessed from an authentication ticket, and a single sign-on type authentication method and authentication system with higher safety are obtained.

[0179] Fourthly, by performing the irreversible arithmetic operation on confidential information with a one-way hash operation, a single sign-on type authentication method and authentication system are obtained which can perform use approval processing in practical processing time even if the client side is a device with low computation capability.

[0180] Fifthly, where the approval server means updates the collation information etc. of an authentication ticket, the authentication ticket is updated whenever it is used, and in particular the time stamp is updated, so the term of validity in the effective judging can be set shorter. A single sign-on type authentication method and authentication system are therefore obtained in which the possibility of unauthorized use by a third party can be made smaller and the response time of use approval can be shortened further.

[0181] Sixthly, where the authentication ticket management tool which manages the use count of an authentication ticket is established, it becomes possible, in a system in which an authentication ticket is not updated, to use an authentication ticket in common at two or more approval servers, so a single sign-on type authentication method and authentication system with higher convenience are obtained.

[0182] Seventhly, where the authentication server means and the approval server means memorize the issuance history of an authentication ticket, decentralized administration of the use of an authentication ticket can be carried out in a system in which an authentication ticket is updated, so a single sign-on type authentication method and authentication system which can lessen the management resources needed per unit further are obtained.
[Brief Description of the Drawings]

[Drawing 1] The key map showing the outline of the authentication system in a 1st embodiment of this invention

[Drawing 2] The key map showing the outline of the authentication system in a 2nd embodiment of this invention

[Drawing 3] The key map showing the outline of the authentication system in a 3rd embodiment of this invention

[Drawing 4] The protocol sequence diagram of the authentication system in a 4th embodiment of this invention

[Drawing 5] The functional block diagram of the authentication system in a 4th embodiment of this invention

[Drawing 6] The flow chart showing operation of the authentication system in a 4th embodiment of this invention

[Drawing 7] The detailed functional block diagram of the attestation child addition means at the time of using a message authorization code in the authentication system in a 4th embodiment of this invention

[Drawing 8] The detailed functional block diagram of the attestation child verifying means at the time of using a message authorization code in the authentication system in a 4th embodiment of this invention

[Drawing 9] The detailed functional block diagram of the attestation child addition means at the time of using a digital signature in the authentication system in a 4th embodiment of this invention

[Drawing 10] The detailed functional block diagram of the attestation child verifying means at the time of using a digital signature in the authentication system in a 4th embodiment of this invention

[Drawing 11] The protocol sequence diagram of the authentication system in a 5th embodiment of this invention

[Drawing 12] The functional block diagram of the authentication system in a 5th embodiment of this invention

[Drawing 13] The flow chart showing operation of the authentication system in a 5th embodiment of this invention

[Drawing 14] The protocol sequence diagram of the authentication system in a 6th embodiment of this invention

[Drawing 15] The functional block diagram of the authentication system in a 6th embodiment of this invention

[Drawing 16] The flow chart showing operation of the authentication system in a 6th embodiment of this invention

[Drawing 17] The protocol sequence diagram of the authentication system in a 7th embodiment of this invention

[Drawing 18] The functional block diagram of the authentication system in a 7th embodiment of this invention

[Drawing 19] The flow chart showing operation of the authentication system in a 7th embodiment of this invention

[Drawing 20] The protocol sequence diagram of the authentication system in an 8th embodiment of this invention

[Drawing 21] The functional block diagram of the authentication system in an 8th embodiment of this invention

[Drawing 22] The flow chart showing operation of the authentication system in an 8th embodiment of this invention

[Drawing 23] The key map showing the outline of the conventional authentication method

[Drawing 24] The protocol sequence diagram of the conventional authentication method

[Drawing 25] The functional block diagram of the conventional authentication method

[Drawing 26] The flow chart showing operation of the conventional authentication method

[Description of Notations]

1, 11, 21, 31, 41, 51, 61, 71, 81 Client means
2, 12, 22, 32, 42, 62, 72, 82 Authentication server means
3, 33, 53, 63, 73, and 83 Approval server means
4, 14, and 24 Confidential information
5, 7, 803, 805 Authentication tickets
6 and 804 Presentation information
8 and 806 Notice of approval
13, 23, and 801 Attestation presentation information
64 Authentication ticket management tool
74 The 2nd approval server means
311 The 1st transmission and reception means
312 and 811 Input means
313 Hash means
314 Ticket holding mechanism
316 A secret memory measure
317 Multi stage hash means
321 The 2nd transmission and reception means
322 Attestation time check means
323 Authentication information storage means
324 Random number generating means
325 The 2nd multi stage hash means
326 Attestation collation means
327 Ticket identifier creating means
328 Attestation child addition means
328A Self-identifier storage means
328B Data connecting mechanism
328C Connection data hash means
328D Server common key memory measure
328E Common key system cryptographer stage
328F Attestation child connecting mechanism
328G Self-secret key memory measure
328H Public key system cryptographer stage
331 The 3rd transmission and reception means
332 Approval time check means
333 Attestation child verifying means
333A Attestation child separating mechanism
333B The 2nd connection data hash means
333C The 2nd server common key memory measure
333D The 2nd common key system cryptographer stage
333E Data separation means
333F Publisher identifier collation means
333G Comparison means
333H Server public key accumulation means
333J Public key system decoding means
334 and 832 Ticket effective judging means
335 and 531 Ticket use management tool
336 The 3rd multi stage hash means
337 Approval collation means
411 The random number generating means for attestation
412, 612, and 712 The 1st exclusive OR means
421 The 2nd hash means
422 The 2nd exclusive OR means
423 The 2nd multi stage hash means
511 Ticket holding mechanism
532 The 3rd hash means
533 The 2nd attestation child addition means
611 and 711 Ticket maintenance management tool
621 Ticket registration instruction means
631 Ticket update indication means
632 The 2nd random number generating means
633 and 733 The 2nd exclusive OR means
721 Ticket issue management tool
731 Renewal management tool of a ticket
732 The 2nd random number generating means
812 Session key decoding means
813 Proof time check means
814 Certification information cryptographer stage
821 Session key creating means
822 Session key cryptographer stage
823 Ticket cryptographer stage
831 Ticket decoding means
833 Certification information decoding means
834 Certification information effective judging means
835 Approval collation means
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SJn5;U7- KW5c£**H«:TSB9»S22{r 
6 4©i^ftjbH;:EtB©BE5'X7 1 Ao 

[»*3®6] laffia-ifBSEitffltf, aeaicfia** 
nfcj6Mt&am^BT*a ^ <h^!ttss[<t-r5ii5t<^2 

8 4 ©l>f ftif icEKfflBBES/XT 1 ^ 
m«fli7] BEBETft ^BEu-FT 



*1tat t-«B*^ 1 frS 6 ©l^r lubHcEttWBEv' 

X7Ao 

[M*S9] iuEms©* praams -istimjw 

ntMcEKoBEi/Xx^o 

rtf5R3S i o ] huebe^ 7h#, +*--/ raai?* 
^fect*safr*is«si^6 9©^-fti^E« 

©BEfXxA, 

[imil 1 ] iuEBE^y h*>\ *f*BBS*#tr 
Ct*W»fT5B«^1 #6 1 OO^rtutrtcEB© 
BE->X7A D 

[H3cJS 1 2 ] MEBE^ y h 6\ *?5#B3Sy?* 
MEBpre--/f#»(fc MEBrTT* 
EBE^-y h©HdWafc«ftlHHftfc«fTai«iS»f 
#K»l?£BK?£«HlrU BuE!H£tifffltf» iuEtt 
*1!!«teBuEmS©*Wffi3i»* n - k 0JS Lfc fc©fc 
M£fr*ft. BuE^S6iaatfn-kl::E»r*n*c:t*S 
«fTS»30S1 UcEBfflBSES'Xx^. 

mm 1 3 ] IuEBrI^-/ W®h\ WEBSE** 
y h©ffiffl0»*«lLTfiy, Cft**LTfflj5MS» 

jbHcEftoBEfXx/v, 

[Bj$5 14] BE* 7 > h 3MSrt\ auEBEf- 
KOffii0S«ttlLT6y, fuEBE^y h<t 

1 1. k c ti^s LT*jffiBRT**A&* c t *i$a t r s 
b*si 1 2©^-rn6HcEe©igE->xxAo 

[B«S1 5] ^©MEI2pI^-A#a<t. SuEB 

t*«ATfiy, auE^7-<7>h?at±, iuEBE^ 
^rv KOffiffl0»t«aLTi>y, MEI2E^<r-y hi 

t&izznzmLTQmmpiztiitbztyaT'&Vs me 

BE^-/\"*ati> luEBE^y h*«ffr*fcfct. 
KMEBE? 1 ^ KSa^aiciuEBE^^y hOSff 
Bfi*}ISU iuESRT-9— /^att» iuEBBE^^-y 
hfflasSS^TffilEBE^^y hflfa#ain|JESE 

a* y *E»3ia*gi*/-cJi^tctt!pjfflBRrLa^c 

tS»£f*B*35l 1 1 ©i>r*i*MJ:E«©BE5/ 

6] i3EBRi^-^#a*aa«ji. me 

^5-ry*>h#att, SuEBE^^y h©ffiffl0»*« 
SLTfey. SuEBE^^-y httttccti^LTW 
«BRT*3R**tifl!)T»y» BuEBE-y--A*#aii, M 

ebe^^7 h*§ffiTztt*>izmfmM.*Emu 
MEBRiti— /s^m*. MEBE^^-y hzmmtzt 
t*>lcmmmmZtBMU mEBEf-^y h©as*s 
ttTtuEBE^^r h ©*ff #«giJ?tf BEBIEit 
-/ ^#a* fc ttKEB RUt-/ ^atcMEBE?^ y h 
©BK*BS U MEBE+f-/ ^#a* feliiuEBRT^ 



C£*1$»£-r«»*E1 2lcES©BE->XxAo 

aw* n - k ajsLfctot iaEaatfflfiHftttitafli 
snue«?**ct*i5«tr«si*si 4#s 1 6© 

[fSsRJSI 8] BE*** HcafrTSBIW— /t# 

at, be*>t-> Ko#uffl*Bpi-r*KRr^-y^a 

t, suEBEtr-y\*#au:BE*Vy h*S*U fuE 

Bsif— y\"¥au:BE?*-y Ko*«j/iBpr*s*-ra^ 

7»> h^at^A^BE^XxAtcfe^T* 

sAa^at* MiBBSEti— /^a«fcyBSE^-y 

8#at, iuK?-*'y h«ft#a«fcUSfiE**y HfflS 

#a * y ol-v m&imzmz t £*>icmmmy—j t 
¥ a J; y sia£«? t, c n e cmmse/ vy -> a -;g$s£ js 

1" / \ >y -> a #a i; v iul B/ \7->i?gJ; *J fife/ \ •> > a 

a«t y / \ v yiia y aj lt, ^— tr bee? mtctsv 
TttisgBx**a«fcy^ai2i«[n (nttiEBa) *fs 

T, n a©/ \ y v' =l mWZm LT9rc*W \ > affi^ 
MEBE+f- y ^-at-S y , WfflBRl^liItcfe^TliHU 

ibbri^-; <#a * y mma k ( k a n j.xt©iesi 

^) £<#T, n- kK®ny->a5i*£J6LTi#7c£a 

y \ •> -> n.mzmim*iy-j ^mzmzzw vr>a? 
at£n§§u 

mibbbe+j-/ wmt\ =L-vwwmmm*fttcm 
mz^nm&^mt. mmvm nmrn^m*. y ^ 

fea-lfKSEfiSffl t i9SBajft**#aT*l« Lfcftat 

©asic n + 1 a©/ \ ■> -> a mnz'tt a jg 2 ©^ay \ 
•y->a#at, wE*?<(7y h#a«fcy»ft#a/w 
-> afii^tuiam 2 (d$®j \ y */ a #a?»fc*a/ \ ■> -> 
a«t!a^raKiE!H^at, waft?** misy? 
*£j£-r***v hwj^ia^ats B$&j£itt$u$ 

&«#a«fcy»fc^-> mgij?» tMBREss^aj: 
y»fc*a/\y->a«» mib^^-tzv h#a«feyfffi: 

i^jitaics^<d^f^*>x Mif^BE-y-/^ 
a*^TftfT#wj?«>3iefcBre u be* 

at*jmu 

mm°iv-i &m&s tae* ^ryv #a<fc y mtc 



WBy?ossttatf*-f/xx*>ytiuiBBRffl-ie#a 

<fc y *#fcPf2Jtf*gt©M©W2ti1±£*x y ^r^^^-y 
KW«*IS#at» BE**-y h©*Vy hiHSU^<t*iJ 

fflisiataysifliRrttHatsea-rs^^y hsrae 
s^at, fjia^-y hsifflea^a.fcyjpjffliaak* 

'<§7\ MIB^^<7> h^a«fcy*§fc*aMv5/:i<iIte 
k mtD/vy y^n^mLzmtc-^wvy y^\m 

tt*t«JB3fl*a/\'r>a#Si. tuE**v hfUH 

ws#a«fc y »fc*a/ \ v -> iffit tussis 3 ©*a/ \ -y 

-> zL#a<J; y Wtz=#&W \ -y -> i«t *a^-r «BrT 

is^at*jifi-r*ct*i#afr«BH->x7 i ^o 
9] BuiBBE^JP^a^ -y-/\Ta7-ft 
wrssaa^Pi^^i3iti-s+t-M-ftii®iBit# 
at, aaBy^^ffittrsaasij^Eii^at. ^^-y 
k iss'j? t %w \ -y -> =l m t #5a0a t $ ■< ax ^ > j 
tit-/^y?tiuiBeiiai?Eti#a«feyff7ca?7« 

#a«fe y ^ifes^x- ^ tc/ vy~/3. aw**r jmsx- 

\-y -> a#Si, lulB^- / ^ft3MBE«#a«fc ( J 
ftiia^^a^ffl^TfulBjISx-^y \-y -> i#a 
J: y W/cy \ -y ->ji*BSft LTBBE? t r S«3Mt& 

t mi&wmttm^ a± y *#fcBE? t « 

BE?*^at**«L, 

BulBBE?«E#a6\ -y-y ^BT^T SftiMteiC 

«84fa*E«-rasg2©^-/WiMBBtt#at» be 

^^r-y h£££x-*tBE?tl;:ttSrr*BE?#li 

#at, luEKE^it^aiyfircjiiSx-**^^ 

•y hWBU?t^a/\'y->affl4:W«ilHiat*-fi*X*V 

7t.v-i mm-t «fr#«gy ? t ic»«-r * x - ^ » 
a#at , BuEBE?»ii?a<fe y ifcig/-^ tcy \ 
■y5/aa!ji*jtfS2©ai£7 s -^/\y5/ii#at. Su 
§B£ 2 w-j ^snsatt^a j: y ^rcjssasang^ 
a^ffl^T bJbbsb 2 cDigf--$!/\7 i/ifgct y »fe 

y\y->affl*iig^fbLTlkRfflBBE?fr*S2 0ft3i 

a*scw^at» a«B7 ? -*»»#a«ty»rc*ff« 

*ff««ai?!a&#at» i3E«R«W3y?!!B^#a«fc 
y»fca^iejiitfw»*s-r«^iEi3EBBE?»«#a 

«fe y SfeBBE? tSQE* 2 OftiMt&ai8^^ a«fe l J » 
fclkRfflBBE?t*lk«LTIS**a*rstkR#at 

[»*S2 0] B5EBEWJD#a6\ BE^-y\"© 

aaBu?*EfiT*SMBu?fae*at. 
■y hwgu?t^a/\y->i«tw»iHiat*-rixx^> 



*£#a J; y it fcsex-* tc/ vy -> a gim^sfe-ra^x 

-^/\7->a¥Si, MEg8S®glE1i#a<fc y 
MBSSIS^IBffiBfcJB^TiaEBBx- 2 / \ y =/ a ^ 
S.J: y fifty \ y >■ iWb LTKBE? t f «45M« 

issew^ats iuK7 r -*ai£#a«fcy»fcBiS7 s - 
* <tiuEaM»#iC«wa«fc usfeBSE? t*»ir 

E?ifc#»r*BSE?#»#a£* MIBBIiE?#ifl? 

a J: y fffcinsf -< s» y vmfrt&m w -> a 

mfrtizftmifttiTZT-zftm^mt, mebe 
?»K#a«fc y « fcjiigx - * ic/ \ <y -> a amtttrB 

2©£3gx-$yvy->a#a<t, /«<04iH« 
S^MHt^HMtf *iME5 ? -*»H¥««fc y fife 

sit-/tta»»B«#a^ wiB^-A45H«a#« 

«fc y »fc4iBB*6ai«^4iBI«*fflL^Ti9iaBIE?»Jll 

?ad; y «^BK?«(i« Lit«ffl/\y ->a<fi£-r*£ 
BBsaawa^ tuiBa^x-^n y -> a#a<t y 
\ -y -> affl t iuiB4ini»5scan?*a «t y /-cttte 

JI«T*C£«3«£-rs»:#H1 8K1B«©BEE->X 

bmbi 21] me? 7 -r 7 > h * a# * bsesl&£ 

fiE#a<!:mi©gtfteWfisa#a<t^*<lL. MEBSE 

st <t msb/ \ ■> -> a #a «fc y / \ ■> -> a fit «fc ©ftttna 
3i«aw*ff s T»fc«ay \ y -> affl^BuiBBii-y— 
M^aK&y, ME&sgEH^a^ »ERBBajk£ 
AE#a<fc y {§ fcBEBa»£««S(3efi u ME^a 

/ \ y -> a. #ate, iuEttBEIf y BEEfflSUBM 

y m LTs wfflBRi#iitcfc^TfijiBBRi-y— A^aj; 

y*JBlH»k«§T, n- kSO/vyi/aattt&ftLT 

fifc^a/ \ v -> a fii^iuiBBpi^-y s^rnm y . 

MEBEE+J"— y t#Btf, MEBIiEH^aKttfc y SB 2 
©y \ v •> a #a& £ 2 ®8HttOTBin#gt« Jlffi U 
MEIg 2 ©y vy -> a #«H\ BulBBEtlSSa^a «fc »J 

f»fciL— tfBBEit s£NEajk£jmt?£j& Lfcaa 

<h ©3MSK7 \ y -> a B)l£tt L % MEJg 2 ©SKfeftfiUI 
W# at*. ME£ 2 ©A y -> a ^ a«fc U fifty \ v i/ a fit 
<hME?5f 7> h#a<fc UfS fcfltftM'y->affi£©» 
ffettfiSffiStSfc fJ4 o ?BEEffiiUR£lM§ U MESg 

2©^a/\->->a?ai±, MEf^sMteWftssi^a 
«fc y i#ftBfMSL&K n a©/ \ -y -> aaw*ff m 

EBETttSn^a^ ME^-y hWSU?4«#aj:y 
»fc?$-y hB9J?* luES2fl!)^a/\y5/a#aj:y 



-/ «su? s^aisift, MiBBSEfti^a<fc y ^#/•cBe 

18^62 0 ©^-rn*Hi:IBK©BliE->Xx 

rti^Ji 2 2 1 lutBBRiti--/ \"¥a*\ mm 3 «^ 
ay \ -y -> a #aic«fc 'Ji3©/vr>i #asz>"^ 2 © 
BimH]n¥«* Jlfll Lv MIB^ 3 a» \ v -> a ^ at±, 
huE^ T 7 > h #a«fc y ?#/c^a/ \ -y -> afllcy \ -y -> 
a )H»^S6 L T»fczufc£S/ \ -y -> afji^ tfjfc L. ME 

Bpjra^#at±, uisfy7 h*jffles#a«fcyfif£:^ 

a/ \ >y -> affl t I3ES 3 ©y \ -y -> a #a«fe y if Tc-^ 
Wwiso-mtZmS U buEM 2 <DBfiE?ttJJD#a 

(±» ME^^-y hjpjfflea#a«feywfc^y khsu 

it-/«iai?ai«sy?«iffl0», tuE^^<7>^ 
^ ad: y ^i/c^ay \ y -> a& MEBpin-^^a <t y « 
rcB§^jif$B^s^<^^rzxX^>x MtficBRT+f-y^ 
&mmtm%m&o)mmzmvE?zttm u bse 

^y-y h<fcLTME^7<7 7 >h?ati:^ii < t^m 

t-rznxmi 8^62 no^-rn^EKoBBEs/x 

[ft5R312 3] 1 oJ6Lha>BRT*-/t#afc» BEE? 1 
^•y K©BffStffllffltt3i*Wl-raBaE?^v hWS 
¥at*SBU MEBSE^<r-y hSg#atf» MEB 

SE^-y^ai y iifcBii?^ -y hafirasai^* t <t 

tc^^r>y hM9J?t^«ilHl»i»yWfflia»t©ffl*B 
SLT. fjEBRl^-y^acty^/cBiiE^^'y hBS 

EBRi-y-y^aicBiiE^^-y h*9fta»i*2£y, 

buEBE+J— y\*#a6\ ^^-y h9S^#a«Affi 
L, luE^^-y KBB«S#att» MIB^^-y hBS'J? 
S«#a«fcySfc^^'y hBS'J?<kfuE^5-r7V h# 

a J; y « Tcv-i vmBmsccmmmLt * sbse?^ y 
sy, 

SuE^ 7 -T7>h^a*\ ME^^-y h«^a^tfc 

^^^•y h^jt^s^ai:, ^i^ftewiSiaffi#a<t 

£IH1U ME^^-<y h«J5<iS#at±, fuEBEE^- 
y *#a«fc y BE^^ >y h £|3TfiJ$T * 1 1 1, IE* Uffi0 

luE^ay \ -y > a # ati> nGBBEB #a J: y / vy ~> 
afl^lX y ft LTx a-1fBK¥»Efe^TH: n a©/ \ 
•y ~> a sm$B LT®tc$W \ y > iffi*luEBSE1t- 
y^atc^y, WSBRT^Blcfi^TttluE^^-y hfi 

jt'gs^a «t y fc^isiB k «wt, n - k a©y s -y 

-> a3SJt*« LTmc$®/ \ y -> aB#BIBB 1 ©SMS 

fi«ftBffl#aicisy, iuESi©»fftWtt3i»#a{4. 

BuEf-ay \ -y -> a #a<fc y iifc^ay \ y -> a« t MEB 



S2b£*T*£u:iuESSE?«fi#a«fc h 
is»&tf tr-y mmi-tmw ^ < z > h?a<t y« 

fespJffllsJKt^SBE^^-y hafiJESrJt**£jSLT 

MiBBiiE?*--y hes^aicay, taBBSE*** he 
g#s<fc y mm^y h*afta»tf issna*^ 

KbE*7'T7V h#a«fcy*§fcWE0Sk ttuEKE 

?**SE^a y \ v -> affl <t * u mibs 
2(oaaafej«#stt, aa**«LTi3E^5-r7 , >h 
# a&tf mibus 2 ©sffteWiisffl^stcjM y , luiam 2 
©SHftwaaffl#«fcj\ iuiBm2©aa£ifi¥a«fcyis 
fca»tijiB^7-ry'> h#a«fc ysfcaasa/w -> 
nffit ©^«S3ifflsi»*?T a ^ T^ay \ •> «> aa* 

WfiU fflE»3©*«/\v5/a#«l4, ful3£2©j# 

iuKBSET-** HBl#afcJ\ fuIBBEEtl--y\^a<fcy 
SfcBE**'.y h*ffe«g^*t,ttc^4ry h«? 

-/ ^««fe y rnnMU^ * h aaw&i? <t ©s^tt 

>y * U *§l£©^£lclifSIBBW+f-y^aK 

[mm 2 4 ] rpi^- / v#a* 1 o«±*« u m 

IBBE-9— A"?a*i\ T-fr-y h«frttS#a*JMIiU 
luIB^-y hfH=Wl#a«:, futB^-y hKSMjS 

#a«fcu»fe^v \-m.%&tmn<7^'(7y h#a£ 
y a fe*- j «ai?aiffi«BRfc*«a u buIbbri 

*B'J?*«* LT f ijffl@»ffl»^tt*^ 1 -y * U *§£ 
£©^£KttMffiB^-y^aicBEE?Vy h*l*6il 

buIB*^ 7>h#atf, iuIB^^-y hfiHf^afcttfc 
£;Hr-y hfiatftWat, Jg1©8MteWfi3fa#a<t 
*JMiU lulBf ^-y h^Jt^g^ati, fulBBEE+t- 

y ^a J; y bse? y h *f§T«irr * <t 1 1 ksusis] 
»*wilt, iuEBRr*-A#au:*ns*ii35U 

MIB^a/ \ -y -> a #ai±. lulB«lffilB1i# a* y y \ -y ~> 
D.mW) tH LT\ a— ? RE#WK£l*Ttt n a©y\ 

■y -> aaw*» LT»fc*a/ \ ■> -> ^mzmmmwv- 

y^ai^y. WfflBRT^atiJ^TttMlB^^-y h<£ 

j#ea#a <fc y ftfcgusisift k *»t, n - k a©y \ •> 
s/a3tjt*»LT-^fc^a/\'y ->i.mzmmm 1 ©smbj 
wsaw^afcaiy* mibm 1 om^mmm^mt. 



t#a j: y »fca»t ©sffiswaa»3w*ff 4 
o Tse^©«a^a/ \ ■> -> a{i£tuiBBpj + 7--y ^atc 
ay. 

BulBBRl^-y^a^ M§fi?Vy hSiaaa^afctt 

tes?^-y hMfrts^at, a2©a»£rt¥a»tf 

S2©SH&W«3ffl#a4:£JI«U iuffl?** hKff 
es^ati. HuIB^^-y h£»«£#a«fcyf5fc*J£e 
»tf«»*Sr«^l::B5iBBIE?ttlI#a«feyWfe?^ 
■y hWB'J?a^-y«S"J?tfflSB^7-f 7> h^ad; 
yf§fcjpj)ll2l»i:fi»5?^-y h*Jffl!S^***L» Rff 
*«9J?tfSr iulBBEE^-z^aSfcttS 2 £DBRT+f 

-y ^aic w ltsi y x suiBBii-y-y ^as /cI±mib 
m2©BRr+t-y^a«fcyBBE?^'y hJBfc&isntfs* 
nftfrofcJi^ic, tuiB^^-rzy h#ad; y«fcsi)i 
wikt mmm^mi^^ y fsrc^a/ vy^^m.t^ 

iiitiTZtt&lz. ?^'y hBKBU?. t»— yTOJ^Stf 

»y*"j/iiHi»*«iLT. Krsa«2©Bpi^-y^a«fc 

y ?^-y hW)l!iB**g^rc«^t!:jpJffll3a©»^tt* 
fi7^U ^ll^©Ji^-l;:{iHijiBm2©Bpr^-y\*# 
aitBBEf-^y hffittii»]*3iy» l3ES2©aBffiffi 

^ai±> aa**i«LTinB^7-f7vh#aatfffliB 
S2©sfftewiiig?p#aii:sy. mBm2conmmmm 
«?at±v iuiBS2©aa*/fi#a«kyif/haati5E 
^ 7 > k #a«t u mcwa&m \ -y ~> ^a <t ©^fft 
waaaa* o r^ay \ -y s/it^iafi suib 

y ^#fc^ay \ -y tsiimu \ y -> aav«a lt» fc-;^ 
^ay \-y u fulfils 2 ©B§iB*ti]n#a 

(i, mBT'ry h«a#a«feyf§fc?^-y h^U?. It 

-/nKsu^siraiy auiam2 ©sHs««3i?p 
#a «t y ^ffc^ay \ y ->^ffl. fuiBBRin-Bt^acfc y « 

#a*^r«fHW9J?©j^U:BiE?«ytt U BSE 
?^>y htLTiuE^7-r7 , >h#ai::a*Ci:*i$a 
i:-r*a*^2 2lcffiS©BSE->XT-K 
Bt#S 2 5 ] BSE?^r y h t«frr *BHV- / ^ 

a<t, BSE?y>y hwfUffl^BRi-rsBpr^-y^a 

<t. Huf3BEEtl-y^atcBSE?^7 h^SsRL. fuIB 
BRT^-y^atcBSE?^-y h©*U/lKRr*E*f 

^-fy'vh^atsaASKiis/xxixCKiE&sicu 

BSE H t-y^a*^^7<7 7 >h#a^ BSE-y-y^ 

^»l2iatfnT?SaKBE^y h*«RU ^^-<7 7 > 
h?at±, lulBBEE?^-y h*B^-/^a^LT 
5PJ/lKpr**46s BRTIt-y ^aoasilMORsRtcW 
LT, ^7<7 , >h#att» lul3BII?^-y h©ffiMsl 
IS^k (kl±nJ-XT©IESIij) SulB*B?&tl 



MfB^flHteLTSjSU BnJ+*-A#a«\ mSBSk 

*tisiB!H^it!aii:©-a*wg'j-r5z:t*»afra 

HI3S0S2 6] BBE^v h*SSr-r*BH-9— 
HufBI§SE^- y^{J:^SE^<r«> h*E*U ME 

BEE+f-y 6 ? 5 -T 7> h #SUu BEtr-y 

jpJfflBRT**i6. BRUt-y^Soa^fSfflflDgailca 

fttfk (kttnW.T<OiElHB fuEfcS&tf 
«tWEHfS©^Ria!aWS: n - k @SfeLfdStSlgfll£ 
tuES5M1!«£LT83*U KrT-9— /^#«tt % MlBH 
^nS«kiuBE«rSO^pIiSe»ll*1lHlJfiU *o*ibs 

mtmrnsmto-mzmmzttu^ bueb 
tsfcatrasEsa. 

[»«^ 2 7 ] MIBISSE^-/ BSE?^ y h 
*B*TSf ^-r3»> h#«fc&a*SLTBEffliiMt 
1S1RU ^7-f7>h#«(4, n-»fBIEllMfctt 

fca»ig«*i!jKKBHE/T»fliatLTa^u mmv— 
i&mts fi»LT^*n-yBBEitffltifflBaat© 
jiisiciaiEmmc^pnastji* n + 1 hbslt. 

WgjRiluEBBEffi^Wat©Ha*HB-r3i» ME 
:i — yBSEtPS <t MESU& <fc ©jI&KMEffiS©* pfiB 

(cm£0^pIiS!ai»*n (nttiEWB HftLfcSulBBS 

ff5R^2 5 Sfcti 2 6 IdBKOBSKao 
[fftftg 2 8 ] MEBE+^-y ^a* s > BEE? 1 T v h 

8ftK*u ^^^yyv^mt. n— mmmtm 

fcfc©£*7-f7> h#«tf£jSLfcBEfliaS£0J# 
ttWliSfQ^»Jg^^ij|BBiiE^^$6t LTffi* U 
BBEtJ— fiat LTl^a— tfBHfliaitluE 

ffiSIU MEBEfflftS£i«iE»*1i ffit LT, Ctilc 
m^«D^Rl353IS^n (nfcfcjESSc) 0J6 LfciSK!!fl# 
1tS*SfeBE*$-v ^ZmrTZZtZimtTzn 



[tt£5 2 9 ] ft mm 1 S 2 4 ©l^rtlfrfcEWO 
BSE->X^7Hf7* ti*BBE*a£$fctt9l«^2 5 
8 2 8 0f rft#£E«fflBSE£S£fflJGS;7n^A 

*?n-ii«tfiwsypri6ajB3?EaLn:, bee® 

liS«]^a412SO : ^iB^a316lCiil^ (ST4 10 

1 ) o m®Bm^mm±. mmm&mmzmmmfr 

EttLTmE©7^-bX©3!K rftfo-Sn.— yKE^Ii 

g-r* (ST4 1 02) 0 m-\0>mwmffla¥mn 
it. j--y*mwm£mw)&mmt>i5-z.znzt, ny 

->a#a313«fey»fc/\y->a«4103iBIE«3SL»4102 
t©H?ty hS<0»fl!iWftffipa3i»*ffftL\ Jg*t 
LT»6tlfc«a/\y ->affl4104*S 1 <7>S§«#&31 
1*^LTBE^+ U>yj£SResponse401t LTKE-9- 
— /^®42lJ:iS* (ST4103, ST410 4K 
[0 116] cnKSLTBHtf-AWUfcE^T 
fcfc. EE? 1 v U> i>'fS£Response401 l±m 2 tDjMgfl? 

8321 ?sffl* tu «&/ \ y -> ^^4204^ Km* nrm 

2©SffteW^Sffi^a422lc5M6n^ (S T 4 2 0 

2) B -^T-E2^/\-y->a?a421ti, ttHS6«iifi]4 
202tf W y A°X 7 - K3204 1 =f- + U> i>* 
a»3206 1 ©SBSlc J* L/\'r>23»H ^frft o T. 5^ 
H£D/ \ -y -> affi4203^S 2 OSHft W!83ffl#S422l;-# 
»LTt^ (ST4 2 0 1) „ ^2©S^WfiSffi^a 
422ti, % 2 CO) \ V -> jl # S421 cfc y fife/ \ y > nffi4203 

\ •> -> afl4204^ ©F^T- If y h SroSfffiWfSiSffl 

aw*?rftt\ e*i L■z:^#bnfclSEfflSLa4205^m 

2 0^S/\y->a#S423l::«* (ST4 2 0 3) 0 m 
2 co$®/\ y > n?a423ti, RE£iLtt4205li:tt 
<ajIs]|S4201fflS(7)aa©y \ y -> a»» H ^^ft oT, g 
Jiia^g/ \ y > o.ffi4206^IgE?^J!)D#a328lC^S 
(ST4204) 0 

[0 117] JMT, h«ffl?&«¥«327» EE 

f+BS#S322. igE?«}lP#a328©g)#ti04, 0 5(D 

^es3209©«by ic)Bei5ejKij9]4202*ffl^*js % a 

E?ttflD#f£328tf£5&|H]&3202&tf£&/ \ y -> nfi|321 
OlDttt> y ICW^0IS42O 1 TkXS&W \ y 3/ afi!4206^ffl 

mcomm^y bT-^mnm&ti (s t 4 2 0 

5) % S2<OiSS«#a321*^LTKE5 L ^y hTicke 
t402«h LT-?^-T7'> h#S4HE2i5*iSo 
[0 118] i!tl^LT'?7-<7 7 >h^a4nz:fc^T 

(*, iuBB»ioaae#a3ii, suE^vh«*#a3 

»iiffl3104tf^*5*ifc»&t» KE^-fry Micket40 
3tf BRlS«Author i ze Request tit icKRTit- / <#S 
331=386 tu «BllH|»112#*«/\y->a#«317tc:« 

[0119] c:ntc^T^igRi^-/\*^a33(DS)fFtEi 



e306jbSI£tt3o 
[0 12 0] CtUdttLT^'T/'VhfMWIfcJJ^T 

14, mBSSMomsm^m^s *mw s sjL^m\m 
05, m60)m&tmmam?z><, tcmu mim® 

E«#a316«fc »J««(OttSEffi3ajk4105?« f (ST 
4 105), cntcWLTSKKWrfttoft*. Tftft 

15, \y>J #«31 7 WJHiIhHBOI 1 2 1 *Jffl @»31 1 
5 1 ©MKfflMa T ££Bft®/ \ v -> a >H» H £ff & o T 

(ST4 1 0 6) , tS*<O^«/\y->a«4106*Sl© 
iMg{!3M£31 1 LTBrT? 1 + U V v>JS§Response404 
£LTBRltf-/\'#fi33U:2fS (ST4 107) „ 

[0121] C+l.lCfcyKRl-9— /^S33tf»«BRl^ 
tU> v ? jSSResponse404tf <h 1 ft 5 ^S/ \ •> ~> 

mm?*? h t i cket403# 1 1 ft a ^ay \ -y -> n#i4, 

05, Hetoa^-ttt/X'yi/aJsttfetfSftSffl*?* 
LT, jEatB«>tltfBRfiifl]Resu I t308tfjg* tu 0 

y, o^^yy h#a4itt;tx9- kpw£BpT9— 

#«33*£J&fc*=#fclflfr* C <t & < s froy U 7 - 
KPW^(4JSBffTS^ttffl«fe y«oBi?*y 1-402 

[0 12 2] ftfc, J-X±©^7t±^5'r7 7 > h#a41 

3ffi$<t Lfcff, BBE^y KOMWtr^TOB* 
©^a/ \ v 5/ a LT*WMB«#«316(«:E 

LTtmi\ *©s§£, aaiaimBie 
t lt J; y yi m.* * y =fi u xxm^z 

[0 12 3] BHS'XxAtfCCIIflBBB 

*®fi^SBT*oTt., Hfflttft«iai«ia-z*jfflSRi 

j(Bl*ff&-5CitfRlfl6l!:4*o S/t, BE*** KG 

46, M^-yh*Sa-1fBIEflHltf«3l**i*Rlll 
tttffiKfty, «J:.y££tt<J!>*L\ -»^/l/+H->*> 
StoBSE^S&lfBliES/^/xtfWSftSo 

[0124] (i ; 6 omto^ai) m 6 ©HM*<g©B 

EES/X*ZxTl4, BpI H t-/^6'?^<7 7 > h#atc, 
BRBI*n<fc<ttk, WfflEHRtfBBfSnfcBH^^v h 

[0 1 2 5] HI 414, CCBBES/X^/xffl^P h=l/b 
£/TVT7°n hnn-5/-^>XHTft*. 01 4fcfi^T 
04<tgft£<m4, *7-r7yh#»51RtfKRl1t-/< 

fc Bpr+t-^53^5^7-r7 7 >h#asHc, Bpfiifii 



[0 12 6] EOBE^y Kicket50H4, BEE** 
■y h305lCik^T, LTl^So 

[0 12 7] IP'S, BEE**'y h305T*©n + ia/\'y 
S/aailBSJRtf, n-k + 1S/vy>>i«lMgJR (kli 
HBEHR) fcii*»*5ftT^3 0 BEE**-y K-305T 
©WM&ntf, »y*Jffli3ai0ttn-k S 

I/**. SffcftBIE?tfttto*ftT^S. 

[0128] Cffl*S6tC«fcy, <77'T7 7 >h#a5H4, 
jiXI— KP W£B^-y^a53£^A6fc!gH^C0/1 
*-TCfc4<. n0£TBEE**-y h30MMEBr*tifc 
BEE**>y h501*ffifll LTWHBrPMKC fctf?* 
£ 0 BSE**-y h©^-r^^>rffS0M»f* 

& y a SJfflffiffJK ft y > 
«fcy££tttf*l\ Sfc, BRli7"-/^*a53tC£^*/\ 

•y ->aawtf 1 arai>/c46, ? HBBH&mc&tzK 

[0 12 9] ca>«fc34^Ph3il/->-^>X*»oB 
[0 13 0] 01 51CJ3^T, 0 5<hMSS©t4, ^7 

f 7 7 >h?asisu : Bpi+t-/\"¥a53T£y, bh-9— 

/t#«32U*b»Jtfftl\, Sfc, ^7<7 7 >h#a51tC 
fc^T05O)'>7'r7>h#a31<!:SftS©t4, ^-{r-y 
h«J$?a51 1 ^BRltl— ; ^S53*» 6 ©BEE? 1 ^"7 hT 
icket50lcDBEEf-^-y h7 s -*5101t,«J$T*««fc-5lc 
L7c*lcSS 0 S7c, BrT-9— /^aS3lcfe^TH5© 
BrF*- y^a33<hSft«©l4, ?^-y h*Jffl«S#S 

53iff»yjpjfflRriE0a*t)aj73-r«'fcffltu 
^ay \ >y •> =l ¥ a336©^t> y 1 a©y \ -y -> o. %n h 
£ffft5Sg3©yvy->i#a532£tStt, BSE^^-y I- 

ica-r *bbe?**j« LT^wa-r 2 ©beewhp# 

[0 13 1] il©^y>y h«J##a511<!:LT(4, 

•y h^#S3i4tra«©««3t«at*iaiioLTffiffl? 

t5o ^^>y h-*Uffl < gS#a531 < !:LTt4, hi 
So m3tDy\-y~>iL#a532«kLTl4, mZH/Vyz/n. 

h ©7;uu y x/**ffi*&A,£3«0atfffiffl-e# 

S 0 m2©BEEWJP#a533<hLTt4, BEEWiP^ 

S328tH«ffl««fi«fiWP#* D ftfc, ±K##a^ 

^-r^PUVtra— $f*7hf4xFlffl=l>ea— $i±©3> 

tt^-©=iyfcfa-*rp^A*Biffiyprfli&jBa?^ 
p i±immmam u 7°p ^7 AiBg«ftii?x y 

ttSl-iniAi,iJ.f.«i : ftir HI*JHI -7-* Six 



[0 13 2] JM±fl!)«fe3lc*«*tlfcKiE->X7 1 lKfl!)B 
fflco^THI 6*#!HLatfSBWr*o £iITl±, 
BfiE^RAuthent i cate Request301tfl§fiE^-y"y hW3b 
@& n * <fc «fc & 5 «£fcOl*TK&3T*. 

[0 13 3] ST» f^TyhZmiRtSmPf—rt 

IfBSE^Btf frft to*lT«*f MKtiu ISSE-y--/ \*#®32 
J;y*5-f7*> h#a5T\BK?^'> hTicket304tf2£ 

[0 13 4] E;WE»LT27-r7*:/h¥«51fc:S^T 
tt» Xl®3£9ffl-#a311UH5. 064)ii£<t|5]«Uc 
IftffU ?^-y h«ft#a511ttH5, H 6 
Vy h«j##a3l4£H«fcl!ifEL, BE^fr* Hi eke 
t305tf BRTKRAuthor i ze Request <t <t fc fcBRTy— 
?®53tciiien^ it tic, BE^-y hx-*frbW 

5*0^31 1 2tfm& zn&w \ a ¥®3i 7£assn 

[0 13 5] C*HC»LTB^I-9--y«#«53lE6^T 
H\ *3©a£S«#«331, BRl|fBS#a332, KIE^M 
flE#a333&tf y h ^abWS#S334«:H 5 % 0 6 <7> 

affl3306tW»lsia3307t»fT««SiJ?3308t^^-y h 

W5aaffl33io <t 5f ^7 h iuffl < ts#is53i ki^t 

^<5r«y h8IJBVI#3l531(& 05, H64>«£® 
h5Wfflea#a33StH{SH«tC»ff LT. Wffl 
0»53O1*m3flDS6S«#«331*^LT3Rl^-f U> 
->*Chal Ienge306<t LT^<7> h#ft51fcaS»J» £a 
/ \ y > :Lffi3306* S \ -y 5> nfil5302<!: LTB 

W>l^lllHiai^-y«ISil?fl!>ffl5303*a*LT»2<)!) 
BE?«iP#S533lcS§o 
[0 13 6] CftiatfTS*5^7'>h#a51©lM1st, 
05, H 6 EAST'S 'J* BW+U>5>Challe 

nge306Kft LTIIrI^ 1 + U> 5>jSSResponse307tfi5S 

[0 13 7] Eftfc8LTBRTtf-/f#«53fc;l3l*T 
fcfc, BW A- U> S?JSSResponse307ttSB 3 Oiigffi^ 
S331TS«*n» *a/\V->i«5304tftttH*tlTl! 
3 <07Vy vn?S532SU : m 2 <7)BE^j!)D^a533tCKl 

en5„ mscDjsyz/zL^msmt, £ayvy-> ^530 
4iu \ v ~> =l mm h oT, y \ v -> =l oafttf i « 

Xtc-^SU \ v ->iffl5305^BRHB^#S337lt5MS 
(S T 5 3 0 1 ) „ BRTJB^a337tt, £By Vy->n 

{g5302t \ -> att3O5£0-aW5&6fiftl* 

(ST530 2, ST3316) , "9^6*5307**2 

©BIE?tilll#«533KaSS 0 
[0 13 8] B3tf«B322t^£B&J*tlH3LT£ 

y, MSSIfcBtK $YAX2>75306£m2(DBE 

?«»D¥a533tCf;±^ LTl^o * 2 £DBE?ttflP?a5 



? ©B5303 £ £By \ y *> :i B5304 £ * -T £ X * > 75306 
tm^V—J «3 g T Bf^fKBU? t * * £ L, C 
ftKaLTBE?££/£LTttJjnLTBE?$-y h?- 
*5308<hL (ST5 3 0 3) , !g 3 £>£g<f3M£331£ 
ttLTBE^-y hTicketSOIt LTBpB»31Result308 
ttfclC^-fT'Vh^aSIUlSS (ST5 3 04) „ 
[0 13 9] EtlU:»LT*5-r7':/ h?a51ltJJ^T 
t±, BE^-y KTicketS01ttSlO2£a«#a311T*S 
fl*tU K»*y hx-^S101<tLTBulB^^-y h« 
J#*S511l::3S5tl«Jt*tlT (ST5101, ST 5 
10 2), :&0©fflBB^#BTH£ffl*ft*. 

[0140] ctiic«fcy^-5-f7'>h*a5i/)^6BRr-y- 
-/t#es3fcBs*i*BiiE?$-y H3ostftt&3^a 

yvy->nffil±. *oa»tf»lfflBprctfcl foSoT 

fT<©?» BRTv-y^#a53?u:/\'>">aaaii4 1 a© 

^ 0 C03KfiKJ:y» '?^<7>h^a31l±yU l 7-K 
P W*BrI-9— y^a53*$46fcSe=#t::^-r C ift 
<, ft^ttOiya^BBE^v h3O5*fiMLTn0 

s?«fcyffi^is»ffla-«ufflBpi*is*citf?#3o 

[0141] Ji(±©KWT'«:^^-ry*> h?a51 

icfi^TSi«BRr#a©7fcffu:*a/\y->affl*st»r 

zmtiLtLtc&s WB**y hfflTOietcr^TOaik 
©^ay \ -y -> a fi*«BuH-S[ LT«?&IB1t¥a316lc|B 
«r««bC& LTt,Ml\ ^-©^ HSIBH3MS316 

[0 14 2] C0)«tafc, *HBO«BfflBSES/X7 ; A 
Sfc HBBqTOfSmil«SiBr«C^:tfT$ 

So 

[0143] (B 7 ©Hffi©Jg8l) * 7 (7)HSfefl5SI©B 
Ui/Xrhli.* mWT'rv h*afi»OBpI-y-/«c»L 

[0 1 4 4] 01 7tt» ccBBE^XxixO^n 
*mT7u V=\l\/ : i/-'r>zmT°1c>Z> 0 01 7lcfc^T 

a62, BRl-y-y^a63TSoT, ^etcigBE^^-y h 
B»¥a64«ia«LTL , »*. Sfc. BSE^+U>^a» 
Response303*SH-7fcBSE-y--y^a62tf3II£«Authe 
nticate Request301frSJRHJLfc*$-'y hBJB'J?T I D 
«t+f-y\*BS'J?S I Dt^ttia»nt*it,ft^fcBE 
^^■y HtfirB«B&SRegistration601*BE^^'y h 
BS#a64'\i2i«^ RpT^Authorize Request602tf 
*yffl0ttk*ttS5jSs BRTSiRAuthorize Request6 



3tf|gpIg3?Authorize Request602SU : igE?^ , > h305 

D < hfUffl[s]ak<t£ < h&&ofcBliB 1 V;/ hBEMSrJg 
^Update603^l2IiE?^'7 h'ga#a64'\£3,£, £*l 
ICS* LT&EfcHS LTBfiE^V;/ USftiI»Reject606 
tfigStt**, BeT^t U>^Chal lenge604tfSlffl[Hia 

k©f«t)yicsiH!Sfts«fc-5i«*nn:aj»R kttt, 

&a£, BrT? 1 * U>5JjSStesponse605tf/tt , 7- K 
PWta»R0tOjMSlc3*LTn-k + lS©/\y-> 

a o fcie** i tft a lifts. 
[oi4 5] ca33&at(c«fcy» ^-r^vh^aeu** 

/^•7-KPW€KRT1t-y^afi3*^a6fc*=#tClfl 
S61 str SSo TRrT*-/ «#S63 <h ttSul LfcBfiEf 1 * 

y htta#a64T^iy^-r*fc46. ism^^^ h304 
*aa©KRiit- / ^S63Tftai«:5pjffl RTjjgt -r a c <t 

[0 14 6] CflD^P h^/U^—^VXftftoBE^X 
x/x©«^col>TEI1 8*#BBL&tf6KWrSo H 
1 8fcfc^Tt>|g5£g&£©l±, ?a-r7>h3M£6 

T, *5(JiBSi?^y h*a?«6«ciattILTL>«o S 

©*jffl0ak*«ar*^^-y h«£»i#a6ii£* 

fry hfiB*#S3l40fW3yicHW, fcT-y h»©SKl!jW 

iaffiK3tjt*fia as i <3!>flNi!!ttKa»*a6i2*is 

Its -3®iai«Bttfcjilli:£3. Sfc, BIPJ— 
S62lCfe^TH5©KBE-9— /^a32tRftaOtt, 12 

[0 14 7] BpT-9--/^#«fi3tcfi^TH5©B 
Rl-9— /^I833taft«©tt, SH^-Jry hffl^y h 

a335©f«toy icr^ iMB^a&Jisicftafc&dir 
^s 2 otajBffi*#s632, t* y h mmmmmim 

[0 148] CCD**-? hfiJteS#a611£LTU:, 
hfia*#a33Sil^a©«rtl::5pJffl@a©sHt* 
ffft3ttl*B»€ilinLT*fS**l*. *1 , «2©St 

ftewiiaffl?a6i2 s 633£lti±, «y*att3isi»tfffi 
^^-> i-a^jt^#a62i<!:LT«> fljia 

a30i&tfffiBT"**o :Hr~y hM£frli^#a631<tL 

ti±» «y*tfsiS:ia»3B«ffifflT*Sc S2©aa*fiE# 



*7i -xsii t r-* ©»we^*ff & attaiHiBi: 
* y^/\vx<t (oii^tcj: y**T#*. as* ±ia 

±©3V£:i-$7P^A££ffl LTH3tLTt.fi 

ft»a?7p ^5 Asasanwcsa l. yp ^usa 
a#aay«atii*^to-&fc«rtiE«fc unsLTt.fi 

i\ 

[0 14 9] #±©£3fc«/£**lfcBH->;*x/*©S 
m^^Til 9*#JHL3B:tf6BWS-r*o CCTtt, 
ISliEgitcAuthenticate Request301tfBBE^^y hW& 
0»n*tt,ftat§tEWTll»!t5. 

[0150] sr. =l— vwtt3mc&tz95<{7> 
h#S6iarf3SE-y— / ^a62icfc n-siMma 5 , h 
6©a^tHff^a^ a»wici4BaE^-/^a62«k 

y^5-T7> h#a6T\BiE**-'.y Hicket304tfi£6 
*l£o fc/cL. ? 5-r7>h#a61lCfi^TI4, £©<t 

h«j##a3i4©»ff*^^y h«^ta# 
aeniMraao sfcBSE-y— A#a62tc&^Tte, b 

SEgARAuthenticate Request301frSlXtii£ftf;::ff5a[£] 
a6201 t±^a/ \ 'V -> a#a325SO : BfiE^J]Q#a328© 

«jB^$-y haas^#a62n«:'ba6stu /isj 

?6202t±BSE?^J]P#a328©ti fr?^ 'V h Bfi}|*# 

a62nct,^bti, haai?^is#a327T4rit* 

tlfc** V h agiJ?6203ttBBE?#lJP#a328ffl«3b^ 
*v KB«Bia4#a62HCtija£Sti*. 

[0151] ^7 haaffi^#a62itt % kk 

SU?6203i:-9— /«giJ?6202t^»lHia6201 1 *3B£ L 
TBiE^^-y h«ftaaSS7 r -*6204*4diL, S2 
©iMS«#a321^^LTBE^^-y hafr»H8^Reg 
istrationeOltLTBSE^^-y Httl#a64H:3iS (S 

t 6 2 0 1 ) „ znz&wcmm.T'ry hwa?a64t± 
^>t->> h <jx h*«aLTfiy» mm^y hmmm 

JiSRegistration601tf-4^.6tlfeJf#l^ f^ry MS 

w&zmvz?<rv h yx h**a»LT«tcfia*ti 

su? t^aiHiat»yMfflRriii0a*s-r«t lt©^ 
aiaa©^?^^ h yx hiciiiioLiBtt-r*o 

[0 15 2] CtHc»LT^5-f7>h#afi1t»:fe^T 
li» BBE^y-y hTicket304(4S1©2S«#a3117S 
«*tu BSE^^-v hf- >3notfaffl*ftT?^y h 

fiawra^aeiifcsssnso H«i«ea#a6ii 

{iBSE?^--> hf- 5i3110^-y— /«BI?3101£8Btf 

itT«^L, BE^y hx-^^sauLfcwaaa 

*«U MfflRTIIHat LTRIBSICWIL (S T 6 1 0 
1) . jpJfflBRl#ISett3ia6101tf^A6tife»^l^ 
WM.T'rv hr-^IIISSl ©i£Sffi#a311*-rt-L 



^b?l<^ < tuJ:t)^#/c^|Jffl0^i^61O2^ (st6 1 o 

2) £1 ©iM§m#S311^y>LTi§5Jg5RAuthorize R 
equest602<t LT, BR^-M^M^lC^y (ST 6 1 

03) , *bK, ^EE^^-y hx— ^^SlXtUL/cW^ 

[0 15 3] Z.t\\zM\~TWPl + t-J^WL61\.Z-&^T 
it. BSE^-y Hicket305&tfBpIS5fcAuthorize Req 
uest602l*3l 3 ©iS§€#S3317§ft* *U BUB 1 ^ y 
hf- ^3301fi«ffi:ai*nT|gE?«E#S333lc2g6 
tls *Uffl0a63O1tfI&aj*ftT5^y hM»f*i^S63 
H^bft* (ST6 30 1) o lgRlH-B##®332, BSE 
?ttfiE#a333»tf?$-y hW«*JS#a334W:H5 % El 

?S631lct3M6n. =ff5aiI*|]6303tt*Vy hMSrJtS 

#S63iatfjB2©aasi8#«632(C3a£6tiSc 
h MSr*i^^S65.i ti, waaffl6303iy 4* s *i* <t . 

**y hSIS'J?3205t-9— AiiSiJ?6302<tWffl[H]^6301 
tSjMSLTBH.^^-y hJIEMSf^x-$6304££ 
JSU *3©2SS«#a331£fl-LTRIiE*$-y hSE 
EBfffiSUpdate6C3i: LTKSE^fry hBS#S64lciS 
3 (ST6 3 0 2) ttttC, jpJffl@a6301*-f-O** 
fijffl@lfc6306<t LTH3 ©^S/ \ -y -> a 3^336^21 

Ji;SUpdate603#4*SftfcJ!l£K, *>r>y KMS!?* 

mm* »*sr*»yMfflRnniHi»*sr*iBiEf- 

®EMSfti*Update603tf £ ft 5 0»£ © 
£SHE-Srrsc£**iy*LT, IELW*Uf*$-y 
h 'J X h *<7>£S y SPJffl PllllHia*Sfffi* 1 X U iE L 
< ftWrU4BSE*$-y h*SftiifflReject606*2Sy E 
To B8E*$-y Kffi|ft^606ttBiiry--/{#a63£Js 

afflx-^6305<fc LTfulS*$-y hM«rltS#«63HC 
£b*l* 0 KSKl&S#a631t4, *a/V> S/n 

«3306**flDS*^S/\y->a«3312i:LTBRrgB^¥ 
a337ica*tf, 1HE**V MHH«t-i *6305ff4 

*s*i*£z:ft*8Jitrs„ 3i2©aa£f&?a632 

14, Ml»6303tf4*.bft£<h, r-*HM«>^+ 
U>5?a»6307*Srfclc5>^A^ritLTSl2©»fft 
Wf!lSffi#a633lcSi^<t < htlC. H3©&gfi^a331 
^LTBrT** U>v>'Chal Ienge604<fc LT*5-f 7> 
h#«61KaS* (ST6 3 0 3) . 
[0 15 4] CJMCj&LT^-r^Vh^gtellCfcl^T 
14, BpJ* + U>5>Chal Ienge604l4g 1 «)iS£Sfi#a31 

iTSflisn, * j ' u>^a»6io3zy«iai*tiTSi i © 

StfteMISSfil?g612^Setl« (ST6104) 0 ^ 

a/ \^~y=L ?a3i 7t4, mmm^ wmmmmm #4 



Mi3113£?#T, /\y->a«3113lCfr»lHltt3112tfi|ffl 

0«6io2tfl!)*kfflar*a»©/\y5/iiawH*ffa 

ol, 16*0*8/ \y 5/ nffi6104*. is 1 ©SMfewtig 

«3#a6i2tc^^ 0 Mi©sffftWisaffl#S6i2tt, *yg 

BTOBEI^6101tf#jlSftTl/'S»£fcU *a/\ 

v^D-memt^* u>s;a»6io3t©iBT?tf y ks© 

»fft«l63»am*ftft i\ fita^a/ \ y > affi6l05* 
S61 ©&gfi#a31l£*VLTBpJ*i' U>v>' 
jS^Response605«t LTBRltf— A#a63tC^S (S T 
6 105, 5T6 1 0 6) „ MyS/aSWH 

y, coaa*a/w>afi6io5tt/U7-h*pw % a 
»r o&tf *+ u>s^La*ttSfti/>*=#fci4fmr 

* £ <t ?#&i/*fcak c ©flta^S/ \ y -> affi6i05ic 
<fc U/U7- K P W*«SIESft:i.-1fe*«E ttfim 

feW-* / \ y -> a 3m H onttttf $ < frftfctiTlN&fc 
46, cl OD^a/ \ -y ~> a ffl61 04z^ 6 VXOtrW Wszl ffl^ 

fc\ /\vS/a3IW4-«fclM3m«l: | J , fcl oofgJii± 

^ct y tsaicjflstf ft 

[0 15 5] C*HC»LTBRT-9--/^afi3tE£^T 
tt» BrI^ 1 + U>v^gResponse605t±m 3 (7)^§fi^ 

a33i T-gfisn. ata$a/ \ -y -> ^ffi6308^tb * n 

T»2ffl»ffl!«BSl»#l8633t2S6tl* (ST6 3 0 

4) 0 minmmmim^mim. nwjzm 

307tJia*l!l/\y*>affl6308t©IB?tfy h-S©^fft 

«»a*aaw*ffft ^t. ^a/\-y ->ILfil6309^^f 

3 <7>£a/\ ^a336K££ (ST6 3 0 5) „ X 
3 O&W Vyi/3. & mmt, 2>mJ \ -y > n{g6309tcf u 

ffli=»fi3<i6u:«ar«a»©/\«y->a3w*ffaoT» 

mBk<D=3&W \ -y ~> a{l3314£B^BB£?a337KS 
*o BpT^¥a337ti@5, 06«D^«»:|5l«tC»)fF 
U BpJ«tt7 ; -*3315£Jg3©Sg«#a33l£:n-L 
TBRlii«]Result308t LT^^-TZV h#a61lc^ 

y, ^7-r7 7 >h#a6Hcjj^T§ffi*ns 0 fc^u 

BH^^y hffif6ii«]Reject606©gfl^«fc y 

-> affl33i2(o«tietfffl±*ftrc«^iE(4c:<oiBy Tttft 

^ (ST6 3 0 6, ST6 3 0 7) „ Z. 0>l5}£ K. <fc y % 

h^m6utj$z r j- KPw*Rpi-y— /^a 
•y h305£Hffl LTaaoaRi-y— /^aicj* LTfjffl 
[0156] ftfc\ &±©iaTOi^<7>i^a6i 

©*a/\ v ->afil^*MttS LT««E«#a316li:E 

nr««*tLTtfii\ *<o«^, awiBti#a3i6 



[0 15 7] EflOJ:3fc % ^<DHS6fl5«Tt±. BE?* 

[0158] (m'8(DHffi<o)Bfli) m8(Dmmmmcom 

[0 15 9] @2 0t±, ££>BE->7.xA£>7P 

*mm$s&M -ivzmvnib r> t. * s ics 2 ©b 

RT-9--/^S74«iaaiLTt'»*. £fc igpIg^Author 
ize Request7O1tf*JB0»k££fcft3£* BeTg^Au 
thorize RequestTOISlfBE**-* Kicket305*gtt 
<¥H73tf BRTBSAuthor i ze Request701& 
tfBE^y hBCSfrSttULfc^v h«MTT I D 

hJBSjSB^ lnquiry702*BE-y— /^S72*fctt 
S2©KRl-y— 7<#g74^i3£3^ EtlfcJtLTiBBG: 
JS CTBE?^ y HafeajOReject705tfjg*n*j£» 
BrI^* UVv^Chal Ienge703tf fUfflHSfc k ©ttto y Kg 

-V U>57(SSResponse704tf7 W7- KP WfcSLBR 0 
£©ai£(d&LT n - k + 1 BflWVj/S/aSlWHfcttL 

fee*.:* s t r k t mmmmmmmz-m ? ids 

[0160] CW^lCfcy, ^7<7 7 >h#®7K±y\° 

x-7-FPw^Bpi-y— 7^873. «2a>Bqr-9— 7t# 

B74*£»fcB=*U:«fr* C <fc & < x n 03: 7BE? 

h304^>SSfirn/cBSE^^-> h501*ffifflLTWffl 
BrT*B*C f!]fllB»k** J 5-r7V 
71zJ^bBRl^-/^S73^^LTBIiE5 1 <r-y KfcBfrL 
fcRE?-7<¥S72*fcttjE8r Lfc* 2 ©BrT*- 7f* 
S74lC^-pT5 1 xy^-r«fe46, BE*** H304£» 
B0Bprtf-7f#B73, 74TftiikjpJfflpIll64tflDtr 

[0 16 1] c©«t54rnh3^5/—&->X*»oB 
BES/X7 L i»0*jSlC"3^TH2 1 £#!HL&tfSBWI3-r 
H2 IfcfclvrfcHI 5£gft30(4» -75-<7> 
h^S71, BE"y-7^S72 % BRr-y--7^«73T?»-3 
7\ *5fcB2©BRT*-7l#W4«attLTl**. * 
7c, ^5-f7>h?S7HCiS^TB1 5©-7^^7>h 
¥S51tJlftaott, BE^fry h«fiB#r*fcfc«bU: 

hfia##a5iio«t)yi!:K^ hsoftflti 



«72fc;6i*TB 1 5©BE-y-/s:#a32<hg&3<Dt±, 

So BRltf— 7t#«73lc£l^TB1 5©BRl-y- 

7^a53tB&«©(4v WWT'rv Y^'ry hf&SU? 

TZT'ry hEffi*3#8731£*4rv KipJfflWl^as 
31©ftfo l J KBW\ HBB^tt&SKUteSArSB 

2©tsLa*/s#a732, tr-y hsos^HBsasff* 

& -5 B 2 ©8HI!!ft»Sffl#S733£KW\ -SPO«« 
*&4&fcj£fc*3 0 B2fflBRT-y— 7^B74t4BpI-y-- 

7M73tra«©««*itot,©T?sa„ 

[0 16 2] hfiJSWl#S711£LTfcl:s 

3Mins]»*iaiiaLTffiffl?*s 0 si, B2osM&tt 

BBff#B712> 733£LT(i» B^UBBBBsEMeB? 

hBfj«31¥B721fcLTU:, fflAtff- 

»B»atfttBBB4:*BBO^t «J T/WXi©fi^ 

*t«ty«*T?#a„ hMSrBa#a73itLT 

tt, BS.fcrx-^OMJfflB^SfifftaBBElBiaffllsl 
B«B^T «BB BB&tf JtRBB^ABBoy =E y x 
7UXt©ffl^a:lE«fcy«jS-Z?#*o B2©f5LBffi^ 
B732£LTtt» S«*rit#B324t^«ffl««flHSM7 

TBBLTtiB^. *4^lif©avta-«7n« 
A^flElX y RTBft^SCT r □ ^^ixEBBftlcES L> 
^7ixiBBB«6ElR y SBtffl*^to-&fc««t:: «fc 

yniiLTtm^o 

[0 16 3] JU(±©«fc-5t««*n7-=BE->X7 1 ix©» 
fffcOL^TB2 2*#BLfttfSKBr*. EC 7(4, 
BEM3<Authenticate Request3016^BE^^y hW^J 
BBntttftaB^tc^TBlHr*. 

[0 16 4] j.-vmummz^f^^^yy 
\~^®7wvmwy-j^m72ic£;vz%!mim 1 5, 

01 6©«&t(i(fHtt?, B»W(E(4BBE1t-7^B 
72 c fcy^^<7 7 > h#a71'\BE5 L ^y hTicket304tf 
iM6tlSo fcfcU ^5-r7>h#a71(Cfc^T(i, C 
a>tza>?<ry h«J##S5llfl!>»fE£?$-y hSJS'g 
S#a71 1 5 o $ fcBB*-7 ^#B72Kfe^T 
tiv BEg3<Authenticate Request301^6BXtti*tl/c 
^S&0S72O1 l±^a; \ y *s d. # B325aifBE WUP? 
B3280H*^y h«fHra#«721K«bBS*U f— 
7«BJS'J?7202(±BE7fl1in*S328©(ifr7 c ^-y hflff 
Ba#S721(ct,2S5*i x hBSU?*«#a327T 
ZLfftetltzT'T y hHSU?7203tiBE?^ia?a328© 



fcy, ^y hWgiJ?7203i-9— y«KiJ?72O2iW«i0 
lfc7201i^tl?Ufflprtg[2]^^rfii<tLT<7)^5<J!)[H]^72 
01©ffl*^^*y K'JXhtCiiiPLlB1fr« (ST7 2 0 
1) . 

[0165] cnic»LT^5-r7>h*a7Hu£^T 

W\ BliE^-y hTicket304fct£l ©jaSSfi^gBlTWg 
«**U KBE^v hx-^llotfffiHiSliTiaBB** 
•y hfia*«l#a711lcaSSti*. MfB^-y 
S#l671Hi, BBE^^-y hx-^IIOfctJ— /«MU?3 

ioi£»js-3wt«j*u mm-'r-j hx-^^sttu 
Lfcwaisia^ayjpj/ipriiiisiat lth^isl 
(s t 7 1 o 1 ) , *j)iBRi#jeE«iisa7ioitf^ii.6 

ftfci§£lc N BSE** ■> hf- *3111££ 1<7>3lgfl^ 
®311^^LTlSII^^-y hTicket305<hLT, $/c, Ji 
y*'Jffl^t£[HM 1 «Ufc5 *?3SE^$-y hfrbBXtiJ 
Lfc^a0»fr 6 3 1< C «fc k J: y ?#^*'Jffi [s]a7102£ 
(ST7 10 2) *1©SIS«#S311*^LTBprS 
^Authorize Reqiest701<t LT> *ft?tlKRT*-/^ 
S73icay (ST 7 1 0 3) , JStegSE^y I-t 1 - 
*^6«HlJL/-c^aiHia3112*^a7\y->a#l!l317li: 

[0 16 6] ^ftlCftLTBRl-y- A*#S73{Cfe^T 
fck BSB^-y hTicket305Sl>'i§pIga<Authorize Req 
uest701 t±E 3 (0%mm^ S331 Tgfl* *U BlI^ -y 
h x - * 3301 tflR ffl *ftTBliE?&IiE#8333K£i 6 
ft, *MBa7301tfSM3-ftT^'y hM8rM3MS73 
IKSSftS (ST7 3 0 1) „ 

[0 16 7] BrTI+BS#I£332, gEE?^E#S333SU : 

?y-y i-mmittmMimi 5, hi 6<oi§£<>:ti 

(S|Rl«t!:ttffU fc£U -9— /^U?7302l±^^-y h 
*rabW£#a334««fl^$-y hEBrtfa#a73HEt,Si 
6ft, *r»affl7303li^$--.y hBBrSS^SI&tfm 
2©aa£j«#S732U:ig5ft.5o ^-y hM»r*S# 

8731 tewn^tzi-'rv h'jxh LTfc y , 

3»ffl7303tf4*5n«t» ^<r-y h IHSU^3305 <t +^ — / \~ 

Ksy ? 7302 <t ? uffl 0^7301 <t zmm Lzmm^ ^-hi 

&BB£x-$7304&i#T, S3©3iSfl|#a331*^L 

QWW—j&WA^BmTtry h JUiJH^I nqu i ry702 
*26«ttt,^ ^>y h«ai?3305t-y--/«g'J : F73 

02twa@a730i 'mm^mmm.^m-m.t lt® 
w«iiH]a73oi©«&^^y h y x hfciifljLEtrrs 

(ST7 3 02) ., 

[0 16 8] Cft&gttfcBEtf-A#K72T*t;J:, ISIjE 
f^7h SMBB^ I nqu i ry702t±m 2 <D£g{l#f£321 T 

smttu hW3ij?tit-/«Bij?tsWffli5iat 

fc^/uTcBIiE^y hJWi!H^7 r -*7205t LTlulB^ 
Vy h*ff«a#.972U;:i355ti«o fulB^-y hfSfi 1 



©5H§fl#S321^^LTigiiE^^-y h£ttti*I]Reject7 

05<tLTsy^-r o &j>, S2©Kpi-y— y^#a74tfc 
•y h »frea#s72i «t Htto?g»i*fT a a „ 

[0 16 9] Igpftl— /\"?®73[Cfc^Tt±, BSE^-y 
Hg*&I»]705ti3t 3 ©2fg«#«331*ft LTBEE? 1 ^ 
•y hJE*6aM5 r -^7305<hLTB5IB9 1 ^-y hMBrtJl? 
S731l;:&6tt£ 0 luIB^u/ h3E«rWI#S73H4 % £ 
87 \ -y 5/ a fil3306£ ^ CO £ £ £8/ \ -y -> a ffi5302 <h L T 
BRlf!B£#8337lcSy, ^>ry h«SiJ?i»y!pJfflpr 

fluaat -y— / wbu? t ®«5303*s 2 omm^nm 

®5mC&Zb\ BEB^-y hJEI63iffl7 ? -^7305tf4 

^en^<tcn6^ffl]±t-^o S2oaa£/a*a732 

tt, W3lBiffl7303tf-§-ii.6ti«t» T-ZM&mcD?* 
b>> f aj»7306*»rfcU:7 V^AIE4« LTS 2 ©Sffft 
WSHaW#S733lCj|li.<!:<httc, S 3 £D3i£gft#f8331 
+ U > v'Cha 1 1 enge703 <tLT'?7'r7 7 > 
h#S71tCKl^ (ST7 3 0 3) „ 
[0 17 0] Z.tLlZ*SLT<7z>-<7y\~^fflUz£>^Z 
Uts BrT? 1 ^ b>v-Chal Ienge703t±m 1 4>iM§fI3M£31 

iT-§ft*n, ^-fr u>v f aa7io3<?«Hij*tiTSB 1 © 
SMft»«iaffl#a7i2ij:3£6n« (st7 1 04) „ ^ 
a/ \ >y -> a#g3i 7«. ?fjfflii!Rr#jiiig»)a«7ioi 4 

^enT^^Ji^^ iiutB&mfBH3MS316<J: y /\-y-> 
affl31 13^f T. J \ v "> a ffl31 13lC#^[H]a31 12 1 ftlffl 

0a7io2t©iii!:ffl3-r*Ba»fl!)/Ny->agtiiH*ff4 
jg*©*a/\y->affi7io4* % m 1 osffteMt^g 

ffl?S712tCKl-5 0 Ml^f6WISiSffl#S712t±, Wffl 

Kpr#ae»affl7ioitf5*sftT^*»£fc. 

•y->affi7104<h5 l V U>> ; aa7103«»:(DP^T-t:"-y hfi© 

mi&toffimmmnz'tt[,\ m&&w \ v -> afirios* 

4«U Sl©aS€#a3n^LTB^*U>5? 
fS^Response704<!: LTKRT-y— 7^8731^2* (S T 
7 105. ST7 106) o /Vr>aI»Hifi^^ 

y, ilwm^aA'yS/a^lOSti/^^-KPW, a 

aR os^^ u>5>aa£fflsa^£=#fciittji-r 

*n^„ £/c, ji£tcS-^<Dt^ti«i:^ISA-y->iL{jHc 
Jilt \ -y 5/ a 3iH H cDKatf £ < ^fefetlT 
A6> £ £>£gy \ y -> nfil7104fr 6#<D£££/ \ -y > 

fc\ / \ -y -> a >lSl±-flgtcP§^3IS«i: y 1 1 0 0 «JM± 

®^3]&sa■c ; sn^i'l^g^fflL^/cli 



It, ISrI^ \ U y v'^Response704C±m 3 <D>Mg{l^ 
f£331 T'§€* ft. 8tSL£K/ \ ~y > afil7307tf SXai *ft 
T^2£DBfffiW^S«]#®733tC^bnS (S T 7 3 0 
4) „ 3S2©»ffll«Bg«#«733tt» ^+U>5^L»7 
306£«SL£SM y*>afi£7307t(3!)IBT?kr-y HS©»fl!! 
WffflSflI>ilS^?: : ^ -a T, £B/ \ >y ~> afil7308£f#TSt 
3«DA'yi/zL^gt532tcS^ (ST7 3 0 5) „ £3<D 
/ \ -y -> a # S532l± v £®/ \ >y -> nfi|7308U:/ \ -y 5/ =l jH 
S«7%^T, ->a«5305*KRT!H 

^#S337tca* c isniBB^s337so : m 2 ©biew 

JO#S533liEl1 5, HI 6<Dif£<h|H]«Hcg|fEU 12 
m->T«J hx— $"5308*M3 0)SSfll#S331*^LT 
BHf^-f Hicket501£ LT*5-r7> h#S71fca£ 
So fcfcU BtiB 1 ^ ■> hffilftHfflReject705©g«£ 
«fc y \ y -> n ffi5302Stf ^ -y h KBI? <t » y Slffl 
^#g@lfct^-y\11SiJ?i:tDffl5303©«^S|]±jnfc 

*§£Kli CtDRyPttftl^ (ST7306, ST730 

7) . 

[0 17 2] CftfcaLT*^7>h#«71fcJl3^T 
«:» ISBE^^-> Hicket501ttSl©2gaffi#S311TS 

mm^ v hx-ssioitLTiuK^v h« 

*#«8#«71UJ:a£Sft«J#*ftT (ST7 10 7, S 
T7 1 0 8) , 3Jt:0O)?iJfflBRr#KlTffiffl*nSo 

[0173] cntcj;y^7-r7'>h#a7i4i k 5BPiit 

-/^^KSeftSBSE^-y h305tffc«bft51ifSL 
■3 Tfr < ©T\ BrT*-/ ^®73Tliy \ -y -> a smii 1 

Efl»5&fcJ:y % ^^-<7'>h#S71ti/\°7. l 7 
- KPW*BrT17— /^S73, 74*^46fcS=#(EW^ 

*Uffl Rj#£T\ fro? x <y 2 fflg© h77Y'^ fctfitfb 
[0 17 4] ftfc tt±©WW-ett*7'f'7 , >h#«71 

itiji^TW/iBRi'^Horcific^a/ \ v -> i.m*t\nT 

©£K/ \ -y zL«*»mlf-JI LT«WEtt#«3l6tJ:E 
LTfcfil\. *©££, &SIEH3M&316 
<h LT«fc y *«■:©»* V/M^t'J 

sat©©* *j/iBpi#iict a>«ai«ia* <fc y 

[0 17 5] c©«fc3fc, BBE'Xx££*Kstt»tB© 
«fc3k««r«i:tlc«fey, BHE^-y htfMSrSftS 

7jiC^T7\ bee*** Kojpjffl*»attar*cttf 
[0 17 6]

Tit. ille, ^^-Ty'VMITOWMraSiMi-a: 
1\ BfiE^-y h©flBBB»*8«U:*JILT=W»8 

[0 17 7] £21;:, a-+fBSE#|iIK;fc^Tt, 

[0 17 8] Sg3K, ^5-r^>h#atf4«LfeKBE 

maMS&®mfflit LTm^m^mt^oTit. 

WW?* -y htf^fefS^flMtf ^-IWEIMIiMBift 
LtiZtclsbWmT'Tv h fr 5 n-+f Etim$g#5fll*n 

ymc»wwi5 : £J!ivwui/ZTkhmznz 0 

[0 1 7 9] »«-««©* W3W*-£6ltt 

/ \ -y -> aaWTfrft 3 il <t <fc »J , O'y^Ty V mm 

[o 1 so] m5ic, wpiy-mmtftm^'rv 

V* >^©BSE75;£SU : BijE-> Xx^Ibti5„ 

[oi8i]S6[L, Bii^^-y Koffiffliaa*tti-r 

^BBE^^-y h'gS^a^lSttfct^T-li, Bli^^-'y 

7t46, cfc y si«tt©»^s/>^iHt-r>*>ffloBiiE& 

BE->X t 1 A AMf 6 ft*. 
[0 1 8 2] J|7lc s BiE^-/\*#S^BRl^-A¥a 
6^BH^^-y h©^7JSS^lB1fr*t©Tl±> BKf- 
y-y h#M»r*ft£->;*xA£fc^T\ Bil?<r-y h© 

Wffl*»WRi7#*ft46 1 fim©«sy v-x*«fc y 
*4 < -»^u*-r >*>s©BiE*a£atfB 

[HiB©W*&BiW] 

[H 1 ] *»W©S 1 ©H«©»mc£tt*SSE5/^x 

ix©«g*s-rtt8ta 

[02] *»W©S2©jt«©JB«lJ:fe^aBIE5'X7 1 
[03] *«B©S3©Htt©»ffifc£W-SBSE5'X7 1 



A©7°P I- □;!/>■— •5t>7.BU 

[0 5 ] *«W<CS4 ©HJSflD^Efi^SKSES/XT 1 
A©«Sl7*P-;/$0, 

[El 6 ] 4 ©||Jfc©ff2tttC fc^BEES/Xx 

[0 7 ] *%!£©£ 4 ©*J6©}BJHEfitt SSIiE^XT 1 
AlCfclXT* -tr- v>'BIiE=I- K*fflL^c*^fflgiiE? 

[0 8 ] *9BH©)g 4 ©Hftffl^lKcfitt SKfiEi/Xx 
Afcfcl^T* y-fe-^BEEP- K*ffll*fcii£©HIE? 
«BE#S©iOBa*tt^P •> * 0, 

©BaaaiJi^cvm 

[@i o] **«i©»4©iijtffljBiiicfc^aasE->x 

[Hi 1] **wi©S5©nft©««ncjsitsgaE->x 
xA©7°P h=m->-^>;*EL 
[012] **fi©m5©ias©«iiicjsit«aaE->^ 

[013] *£Sl©£5©5Stt©reffitf:fcttSK3E5/;* 
xA©»lfF£S?'7P-0, 
[014] *«i*l©S6©l^©fBau:fcttSBBES'X 

[015] *5g*i©sg6©nft©»iitcis^sasE->^ 

xA©a#£7P->70, 

[016] *£$!©£ 6 ©Hffi©JBHK£tt*B5E->X 

[017] *«W©S7©HJt©JBISlJ:fi^SKE->X 
^A©7°P h3ilr>-^>7R 

[018] *«*l©S7©HJ6©JB!ll!:fiH-SKBE5/^ 